I started with a problem connecting to a webservice on a remote server [internal] from a custom made program.
We tested the ws from Firefox and Chrome - both latest and it connects instantly. But in IE10 (latest version for windows 2012 not R2) we get a page can't be displayed error:
Make sure the web address https://remoteserver:9443 is correct.
Look for the page with your search engine.
Refresh the page in a few minutes.
Make sure TLS and SSL protocols are enabled. Go to Tools > Internet Options > Advanced > Settings > Security
I think that IE10 and our program are using the same system libraries, and thats the reason both cannot connect to the web service. If i solve the problem with IE i presume that i could connect to the ws from the program.
The url port is custom and OK as other browsers work. IE10 can open HTTPS connection to other remote servers.
I tried:
flushing DNS setting,
reinstalling the CA certificate. Certificate is valid in chrome.
enabling TLS1.0, TLS1.1, TLS1.2, SSLv3 and SSLv2
telnet to remote server on port 9443 works
Using developer tool in IE simulated IE 9, IE8, ...
ping to remote sever works
nslookup finds the remote server
What could be the cause of this issue?
A combination of hardening for PCI DSS(securing servers) and the webservice provider not announcing protocols that were enabled was causing the issue.
Moving the server out of PCIDSS policy made the webservice connection function normally.
The changes were displayed only after restarting the server, because of registry modification.
Thanks to #Steffen Ullrich for driving me in the right direction.
Related
I'm using a Microsoft add-in for Powerpoint called 'Web Viewer' (it's just an iframe, you insert a URL, it displays it in the slide).
I inserted a webpage that uses Socket.IO, and I'm seeing it is not able to connect to the server (even the long polling it's falling back on is not working).
Clearly this is not an issue with the add-in: Any ideas what is going on here?
I tested on Mac 10.13.4 (latest) / Powerpoint (16.12, Office 365 Home) (latest).
The same webpage works in an iframe in the latest Chrome, Firefox, Safari, IE11, so I'm thinking something wonky is going on with the embedded (Webkit) browser that Powerpoint is using on Mac.
The general request flow is:
Browser -> AWS ALB (with stickiness enabled) -> Nginx -> Node
UPDATE
Looked into this further, and having tested other pages that use Socket.IO, I think the only difference in their setups and here is the ALB.
Even with stickiness enabled, the load balancer is clearly seen (in the logs) passing traffic between all EC2s. This leads me to believe the cookie they use is either not being set or not being passed with the requests.
First of all, based on this github issue it should be possible to open a websocket.
There might be a problem with using the unsecure ws://. I know that officejs rejects all requests to http:// and forces you to use https:// with a secure certificate. So they might do the same with WebSockets and force you to use wss:// with a valid certificate.
You can test this more easily in Power Point Online with Chrome. The addin is the same but you get much better error logging in the Devtools Console (hit F12). If it's asecurity issue there should be an error message indicating it.
I had the same issue and S.Freederle is correct. Now I'm able to use socket.io via ngrok to create a secure tunnel (HttpS) to connect to my server and emit the data to my client side in office add-in.
I have a test server that I can ping successfully although I'm not able to see a hello world test page I've created and mapped in IIS. I've also created an Inbound rule in the windows firewall. Is there something else I'm missing? I'm browsing http://x.x.x.x:888
Any advice greatly appreciated.
Many thanks,
Update
This is a AWS server
Have tried telnet from a client machine but I get Operation timed out
Nothing in IIS logs (C:\inetpub\logs\LogFiles\xxx)
Port 888 is what I assign the test website to in IIS
Have also moved the test file (index.htm) into the default website within IIS and tried browsing http://x.x.x.x:80/index.htm but I get This site can’t be reached
browsing http://localhost on the server displays the 'hello' message test page.
In windows explorer I've gone to the security settings by right clicking on the website folder and allowing 'everyone' read access
Firewall screen shot
Important update
the IP http://x.x.x.x:888 is the public IP within AWS for the server, not the interal IP of that actual server
On windows 10, I found a firewall issue for my testing server, this worked for me: go to Windows Firewall -> Advanced Settings -> Windows Firewall properties and set a public profile to allow incoming connections.
I am trying to make Sonarqube working on a virtual machine, IP 192.168.0.150, running on a production server (Win Server 2012 R2). I need also to access it from the Internet. Thus, I created a new website in IIS on the Physical server enabling the reverse proxy and redirecting everything to 192.168.0.150. This apparently works: I can access successfully the dashboard from any remote pc.
The problem is: when i try to login, sonarqube redirects to 192.168.0.150. As you can easily imagine this blows up everything from a remote pc.
I tried everything in sonar.web.host and sonar.host.url but nothing.
I tried an Outbound rule in IIS to overwrite 192.168.0.150 with my website address but it doesn't work with gzip compression.
What can I do?
Thanks
Resolved.
I had to check "Reverse rewrite host in response headers" option in IIS -> Machine -> Application Request Routing Cache -> Server Proxy Settings.
I have web services running on my machine on a local network. Instead of connecting to them via localhost, I'd like to be able to connect to them via local IP - in this case 192.168.1.5. Once I can do this, I'll know other devices on the network can consume these web services too (in particular, my android phone).
In my project setup in Visual Studio 2013 (I am using IIS Express), if I set the project url to be http://testdomain.com:52252 and set the line in my hosts file for 192.168.1.5 testdomain.com, then connecting to testdomain.com:52252/testservices.asmx works just fine. However when I change the project url to http://192.168.1.5:52252/ and connect straight to 192.168.1.5:52252/testservices.asmx it returns Bad Request - Invalid Hostname. HTTP Error 400. The request hostname is invalid.
What is an effective way of testing web services on a local network? I need to develop and test web services and test them from an android device, but I am disallowed from developing/testing them on a live server at the moment. Are there any solutions to this?
I have looked for solutions online but have been unable to find any. I find it hard to believe there is not a common solution to this issue - surely people must have a way to test web services without hosting a server or connecting via localhost?.
I really see there being two routes to take
1) Route each domain to a vlan with it's own ip
Virtual LAN - https://en.wikipedia.org/wiki/Virtual_LAN
Configure VLANs in a Microsoft Windows Environment - http://docs.oracle.com/cd/E19407-01/820-7898-11/z40001c91004554.html
2) Create x number of virtual machines and simulate traffic
I've got it - I had heard others needing to turn off their firewall in order to get this to work. Personally I was using McAfee to manage my windows firewall - so I'd turned McAfee firewall off assuming that was enough - but I was wrong. Despite turning the firewall off, I still had to go into the advanced windows firewall settings and add an inbound rule to allow all incoming connections over the specified port. It then worked - I could call web services from other devices on the network!
The key is to edit the IIS Express file called applicationhost.config. Add a binding just like localhost, but with your IP address. Note that you have a binding configuration for each VS2012 project so put it in the one you are using.
Then right click IIS Express in the sytem tray and exit. Exit VS, then open it using Run As Administrator. That should do it.
<bindings>
<binding protocol="http" bindingInformation="*:24486:localhost" />
<binding protocol="http" bindingInformation="*:24486:192.168.4.104" />
</bindings>
CFHTTP on my new CF 9 server is failing. I get back "408 Request Time-out" when attempting to connect to the test page on the server via its internal or external IP. I am not using SSL and using the standard port 80.
My old CF 9 server can connect to itself fine but it also fails if attempting to connect to the new server.
If I RDP into the server, I am able to pull up the same test page via a web browser or via telnet to that ip port 80.
I suspect that this is a firewall issue. I'd like to know how CF makes an HTTP request under the hood before I talk to the hosting team. What service is making the call? What port is it running under, etc.
You don't say what operating system you are running under, but if it is Windows, I'd take a look at the Windows Firewall settings on your new machine, and disable the firewall. That will allow you to check if indeed it is the Firewall in the way.
If that works you can then try and add a firewall exception for the application, i.e. JRun.
Hope that helps.