I would like to get the info from my custom Haystack service with the command
curl -v -X GET https://<myIP>:8443/api/haystack/about and it fails, the following is the log from above command
Note: Unnecessary use of -X or --request, GET is already inferred.
* Trying <myproxy-ip>...
* Connected to proxy.example.com (myproxy-ip) port 911 (#0)
* Establish HTTP proxy tunnel to <myIP>:8443
> CONNECT <myIP>:8443 HTTP/1.1
> Host: <myIP>:8443
> User-Agent: curl/7.47.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
<
* Proxy replied OK to CONNECT request
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 597 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* gnutls_handshake() failed: The TLS connection was non-properly terminated.
* Closing connection 0
curl: (35) gnutls_handshake() failed: The TLS connection was non-properly terminated.
At the same time, the Haystack service is having a front end web portal, when I access with Chrome, I can see the warning Privacy Error and NET::ERR_CERT_AUTHORITY_INVALID, but i still can proceed on the browser. I guess this might be the reason causing my curl fail.
Any idea?
Thanks
Related
I am attempting to make a local request to the kubernetes cluster that is hosted on my server, the cluster's NodePort is listening at the following address 172.20.120.1:30280. External client in production are required to make requests to 172.20.0.1:8000 (this cannot change), so I am attempting to add a DNAT rule to nat the traffic from:
172.20.0.1:8000 -> 172.20.120.1:30280 (k8s NodePort)
I am able to make curl request to 172.20.120.1:30280 directly and get a successful response back. However, when I make a curl request to 172.20.0.1:8000 it just hangs with the following message:
# curl -vvvk https://172.20.0.1:8000/v1/my-api
* About to connect() to 172.20.0.1 port 8000 (#0)
* Trying 172.20.0.1...
* Connected to 172.20.0.1 (172.20.0.1) port 8000 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
And then it eventually times out with the following error:
...
* NSS error -5961 (PR_CONNECT_RESET_ERROR)
* TCP connection reset by peer
* Closing connection 0
curl: (35) TCP connection reset by peer
When I make a request directly to 172.20.120.1:30280 I don't get that cert error and it works. I get a successful response back.
Does anyone know why I am getting that cert error?
I'm sending GET requests via proxy that only supports HTTP (no HTTPS support). When I use that proxy (or any other http-only proxy) to request HTTPS it returns 403 when I use curl (and it seems to be the correct status). But if I just use CONNECT and GET I get 200.
Curl - 403 Forbidden:
curl -x proxyhost:proxyport -I https://example.com -vvv
* Trying PROXYHOST:8080...
* TCP_NODELAY set
* Connected to PROXYHOST (PROXYHOST) port 8080 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to www.example.com:443
> CONNECT www.example.com:443 HTTP/1.1
> Host: www.example.com:443
> User-Agent: curl/7.68.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 403 Forbidden
HTTP/1.1 403 Forbidden
< Date: Fri, 15 Oct 2021 15:37:31 GMT
Date: Fri, 15 Oct 2021 15:37:31 GMT
< Server: Apache
Server: Apache
< Content-Length: 202
Content-Length: 202
< Content-Type: text/html; charset=iso-8859-1
Content-Type: text/html; charset=iso-8859-1
<
* Received HTTP code 403 from proxy after CONNECT
* CONNECT phase completed!
* Closing connection 0
curl: (56) Received HTTP code 403 from proxy after CONNECT
Pure HTTP - 200 OK:
CONNECT PROXYHOST:PROXYPORT HTTP/1.0
GET https://www.example.com:443 HTTP/1.0
HTTP/1.0 200 OK
Why do I get 200 with CONNECT + GET?
Additional info:
PROXYHOST is just a random host without any proxy setting or software. It just happens so that when you use it as proxy for http GET requests it returns correct status (200 if requested page exists, 404 if it does not, etc) and its own html instead of requested body. At the same time it always returns 403 if you try to use it as proxy for requesting https via anything but CONNECT + GET.
I also tried python requests and got this result (with verbose logs):
proxy = {'https': 'http://PROXYHOST:8080', 'http': 'http://PROXYHOST:8080'}
requests.get('https://example.com', proxies=proxy)
# logs
send: b'CONNECT example.com:443 HTTP/1.0\r\n'
send: b'\r\n'
# exception
File "/usr/lib/python3.8/http/client.py", line 276, in _read_status
raise RemoteDisconnected("Remote end closed connection without"
http.client.RemoteDisconnected: Remote end closed connection without response / (Caused by ProxyError('Cannot connect to proxy.', RemoteDisconnected('Remote end closed connection without response')))
requests.get('http://example.com', proxies=proxy)
# logs
send: b'GET http://example.com/ HTTP/1.1\r\nHost: example.com\r\nUser-Agent: python-requests/2.25.0\r\nAccept-Encoding: gzip, deflate\r\nAccept: */*\r\nConnection: keep-alive\r\n\r\n'
reply: 'HTTP/1.1 200 OK\r\n'
header: Date: Fri, 15 Oct 2021 17:10:00 GMT
header: ...
<Response [200]>
I am using RESTFul client Insomnia to test my GET request.
I get 500 internal server error as shown below
* Preparing request to https://sample.azure-api.net/masterData/carTypes
* Using libcurl/7.57.0-DEV OpenSSL/1.0.2o zlib/1.2.11 libssh2/1.7.0_DEV
* Current time is 2019-08-30T05:03:09.029Z
* Disable timeout
* Enable automatic URL encoding
* Enable SSL validation
* Enable cookie sending with jar of 0 cookies
* Found bundle for host sample.azure-api.net: 0x205d69260b0 [can pipeline]
* Re-using existing connection! (#7) with host sample.azure-api.net
* Connected to sample.azure-api.net (XX.XXX.XXX.XX) port 443 (#7)
> GET /masterData/carTypes HTTP/1.1
> Host: sample.azure-api.net
> User-Agent: insomnia/6.6.2
> Accept: */*
< HTTP/1.1 500 Internal Server Error
< Content-Length: 111
< Content-Type: application/json
< Date: Fri, 30 Aug 2019 05:03:09 GMT
To troubleshoot, I opened wireshark, selected Ethernet2 interface and started to capture the traffic. also added a filter as follow
http.host == "sample.azure-api.net"
But I do not see any traffic filtered when I apply the above filter.
But when I try to filter like IP Destination, I get to see the traffic.
ip.dst == XX.XXX.XXX.XX && tcp.port == 443
Why filter by hostname is not working?
What I am trying to solve? Root Issue
When I try same request from c# code using rest client, I get below error
{"The request was aborted: Could not create SSL/TLS secure channel."}
So basically I am trying to find where exactly is request is failing!
Well, this website uses AWS EC2, and right now when i shared the site on Facebook, facebook don't show nothing, but yesterday it work well.
Right now the Facebook lint(object debugger) says
Error parsing input URL, no data was cached, or no data was scraped.
And
Curl Error : RECV_ERROR Received HTTP code 502 from proxy after
CONNECT
But when i use curl via terminal on my Mac (like curl -v -X TRACE www.cuinzy.com) this return:
* Rebuilt URL to: www.cuinzy.com/
* Hostname was NOT found in DNS cache
* Trying 54.207.48.99...
* Connected to www.cuinzy.com (127.0.0.1) port 80 (#0)
> TRACE / HTTP/1.1
> User-Agent: curl/7.37.1
> Host: www.cuinzy.com
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Mon, 17 Aug 2015 10:14:36 GMT
* Server Apache is not blacklisted
< Server: Apache
< Connection: close
< Transfer-Encoding: chunked
< Content-Type: message/http
<
TRACE / HTTP/1.1
User-Agent: curl/7.37.1
Host: www.cuinzy.com
Accept: */*
* Closing connection 0
Curl return response code 200 on www.cuinzy.com, and if try with url https://www.cuinzy.com/itm/572-aumento-natural-del-busto-pueraria-mirifica-100-x-500mg.html, this return:
* Hostname was NOT found in DNS cache
* Trying 54.207.48.99...
* Connected to www.cuinzy.com (127.0.0.1) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
* Server certificate: *.cuinzy.com
* Server certificate: COMODO RSA Domain Validation Secure Server CA
* Server certificate: COMODO RSA Certification Authority
* Server certificate: AddTrust External CA Root
> TRACE /itm/572-aumento-natural-del-busto-pueraria-mirifica-100-x-500mg.html HTTP/1.1
> User-Agent: curl/7.37.1
> Host: www.cuinzy.com
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Mon, 17 Aug 2015 10:16:25 GMT
* Server Apache is not blacklisted
< Server: Apache
< Connection: close
< Transfer-Encoding: chunked
< Content-Type: message/http
<
TRACE /itm/572-aumento-natural-del-busto-pueraria-mirifica-100-x-500mg.html HTTP/1.1
User-Agent: curl/7.37.1
Host: www.cuinzy.com
Accept: */*
* Closing connection 0
And look how the use of SSL does not represent a change, additionally, notice that at all times the http response code is 200.
And, if i click on See exactly what our scraper sees for your URL link of Facebook Lint, this only return:
Document returned no data
Ah, additionally, i try this tools(and all return http response code 200 and work fine):
curl via terminal on mac
http://httpstatus.io/
http://iframely.com/debug?uri=https%3A%2F%2Fwww.cuinzy.com%2Fitm%2F572-aumento-natural-del-busto-pueraria-mirifica-100-x-500mg.html
http://opengraphcheck.com/result.php?url=https%3A%2F%2Fwww.cuinzy.com%2Fitm%2F572-aumento-natural-del-busto-pueraria-mirifica-100-x-500mg.html#.VdG3hVN_Oko
https://coveloping.com/tools/open-graph-tag-tester
Please, if you know whats happend tell me, i dont understand...
P.S: sorry for my bad english.
Sorry for asking here, but this is a bit of an emergency and I know from past experience, it could take more than 7 days to get a response from Paypal.
I am working on a project that, about 10 days ago, was working fine. 2 Days ago I returned to the PP portion and all of a sudden, I am getting no response from Paypal.
This is the URL I am calling:
https://api.sandbox.paypal.com/v1/payments/payment
And absolutely no response is being returned. I'm certain that before it at least returned an error if no parameters are included. But now, nothing at all with or without parameters.
Paypal does have a status page for the live site. Not sure if it still extends to the sandbox, tho. There was a major outage on the live end yesterday.
Which API are you using?
Do you still have issues with this? It's working fine for me. I don't believe we had an outage either.
$ curl -v https://api.sandbox.paypal.com/v1/payments/payment
* About to connect() to api.sandbox.paypal.com port 443 (#0)
* Trying 23.43.75.39...
* connected
* Connected to api.sandbox.paypal.com (23.43.75.39) port 443 (#0)
*a lot of SSL stuff*
> GET /v1/payments/payment HTTP/1.1
> User-Agent: curl/7.28.1
> Host: api.sandbox.paypal.com
> Accept: */*
>
* HTTP 1.1 or later with persistent connection, pipelining supported
< HTTP/1.1 401 Unauthorized
< Server: Apache-Coyote/1.1
< Paypal-Debug-Id: 7177ce39c4142
< Content-Type: application/json
< Content-Length: 0
< DC: origin1-api.sandbox.paypal.com
< Date: Sun, 03 Nov 2013 12:07:31 GMT
< Connection: keep-alive
< Set-Cookie: DC=origin1-api.sandbox.paypal.com; secure
<
* Connection #0 to host api.sandbox.paypal.com left intact
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):
Note the HTTP 401 response (because I didn't specify a valid Authorization header with an access token for the request).