I tried to run an example server from Milo OPC repository, and I put as endpoint the ip of the PLC. In the device, the name of the device is "MI_027859".
19:18:36.748 [main] WARN o.e.m.o.stack.core.util.EndpointUtil - Endpoint URL 'Illegal character in hostname at index 12: opc.tcp://MI_027859:12686/MI_027859' is not a valid URI: {}
java.net.URISyntaxException: Illegal character in hostname at index 12: opc.tcp://MI_027859:12686/MI_027859
at java.net.URI$Parser.fail(URI.java:2848)
at java.net.URI$Parser.parseHostname(URI.java:3387)
at java.net.URI$Parser.parseServer(URI.java:3236)
at java.net.URI$Parser.parseAuthority(URI.java:3155)
at java.net.URI$Parser.parseHierarchical(URI.java:3097)
at java.net.URI$Parser.parse(URI.java:3053)
at java.net.URI.parseServerAuthority(URI.java:915)
Related
Is there a way to configure the Eureka client to use a different keystore\truststore than the spring-boot embedded tomcat? OR is there a way to disable cert validation in SBA server?
I have a situation where I have a cluster of spring-boot based microservices across several VMs. All of the microservices, including backend management like SBA and Eureka server are secured using HTTPS and the typical spring-boot SSL certificate configuration. For these services I am using a self-signed CA to generate certificates for each machine. One exception to this is the "gateway" service which serves the api through to our web client. This service is configured with a certificate signed by a real CA, as it is the only publicly accessible service
Getting to the point, my "gateway" service is unable to connect to SBA server, I see a scroll of SSL-related errors complaining about the hostname of the client not matching any alt names in its certificate. This is because it is presenting its public cert to SBA which does not match the internal host name that the request is originating from.
My services are using Netflix Eureka and service discovery.
EDIT: Adding stacktrace from SBA Server:
2019-02-06 21:34:30 [reactor-http-epoll-3] ERROR r.n.http.client.HttpClientConnect - [id: 0x5844260b, L:/172.17.0.5:40928 - R:myhost.mydomain.com/172.xxx.xxx.xxx:443] The connection observed an error
javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1521)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:528)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:802)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:766)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at io.netty.handler.ssl.SslHandler$SslEngineType$3.unwrap(SslHandler.java:294)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1297)
at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1199)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1243)
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:502)
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:441)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:278)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:340)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1434)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:965)
at io.netty.channel.epoll.AbstractEpollStreamChannel$EpollStreamUnsafe.epollInReady(AbstractEpollStreamChannel.java:799)
at io.netty.channel.epoll.AbstractEpollChannel$AbstractEpollUnsafe$1.run(AbstractEpollChannel.java:382)
at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:163)
at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:404)
at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:335)
at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:897)
at java.lang.Thread.run(Thread.java:748)
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1709)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:318)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:970)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:967)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1459)
at io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1460)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1365)
... 19 common frames omitted
Caused by: java.security.cert.CertificateException: No subject alternative DNS name matching myhost.mydomain.com found.
at sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:214)
at sun.security.util.HostnameChecker.match(HostnameChecker.java:96)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:436)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:252)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:136)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1626)
... 27 common frames omitted
EDIT: Upon further inspection, I have the sequence of this issue wrong. The SSL error is not occurring when the gateway tries to register with SBA, it actually registers fine, the SSL error is occurring when SBA tries to reach back to actuator on the gateway.
So I guess the updated question is a bit more complicated: Is there a way to configure actuator with a different keystore/truststore. Furthermore, is there a way to open up Actuator in Zuul only for connections on the backend like SBA and not for users on the public/client end?
We have supplied port number: 11211 default port though it is taking 6379. Weird and keep throwing error as:
NOTICE (5): [8] MemcachePool::get(): Server 127.0.0.1 (tcp 6379, udp
0) failed with: Malformed VALUE header (0)
Can anyone help us how to resolve the error?
I have searched and found socialengine has this kind of error but cannot find resolution:
http://blog.socialengine.com/2017/04/17/socialengine-php-4-9-0-and-third-party-products/
Try to check your /application/settings/cache.php file. It contains your caching settings including port, lifetime, serialization etc.
I am trying to configure smtp for organisational mail in alfresco 4.2e.
Here is my global configuration
mail.host=smthost.abcd.com
mail.port=25
mail.username=sameer#abcd.com
mail.password=password
mail.encoding=UTF-8
mail.from.default=sameer#abcd.com
mail.smtp.auth=false
I am unable to send the mail. Here is
org.springframework.mail.MailSendException: Mail server connection failed; nested exception is javax.mail.MessagingException: Could not connect to SMTP host: smtphost.abcd.com, port: 25;
nested exception is:
java.net.SocketException: Network is unreachable: connect. Failed messages: javax.mail.MessagingException: Could not connect to SMTP host: smtphost.abcd.com, port: 25;
nested exception is:
java.net.SocketException: Network is unreachable: connect; message exception details (1) are:
Failed message 1:
javax.mail.MessagingException: Could not connect to SMTP host: smtphost.abcd.com, port: 25;
I am able to connect using
telnet smtphost.abcd.com25
and I am able to ping
Your network (most likely your gateway) is telling you it cannot reach the network of abc.efgh.ijkl.com. If you test, make sure to execute telnet from the server giving you the error. Telnet should give you same error message.
tcpdump -n -i any port 25
will show all outgoing traffic targeting SMTP and should give you further information about the problem at the network level (such as IP addresses used).
After so much search I found the issue of the problem. The problem occured because java using IPv6 by default. To fix,
I disabled IPV6 on windows
Set the Java property as setx _JAVA_OPTIONS -Djava.net.preferIPv4Stack=true
I am trying to decrypt the https traffic by fiddler2 which has just been upgraded.
What is the problem to get this errror?
17:27:45:6821 !SecureClientPipeDirect failed: System.IO.IOException Unable to read data from the transport connection: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. < A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond on pipe to (CN=192.168.0.100, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com)
Thanks
The error message indicates that the client failed to complete the HTTPS handshake. What was the client? This message typically indicates that the client isn't configured to trust Fiddler's Root Certificate.
What, if any, other messages are shown on the Log tab?
I am new to WSO2 and I follow this post to enable Single Sign On (SSO) for the following scenario:
Virtual machine running centos (IP: 192.168.0.18)
WSO2 IdentityServer 4.1.0 installed with https port: 9443
WSO2 ApplicationServer 5.1.0 installed with https port: 9443
Here is the problem:
when I access the application server console management, I am
redirected to the identity provider login page as expected and I can
login.
I am then redirected to the initial request (Application Server MGT
Console) but a message appears telling me that the
Authentication/Authorization fails.
In log files I can see following error:
TID: [0] [AS] [2013-05-14 16:13:32,128] INFO
{org.wso2.carbon.identity.authenticator.saml2.sso.common.builders.AuthenticationRequestBuilder}
- Building Authentication Request {org.wso2.carbon.identity.authenticator.saml2.sso.common.builders.AuthenticationRequestBuilder}
TID: [0] [AS] [2013-05-14 16:13:32,388] ERROR
{org.wso2.carbon.identity.authenticator.saml2.sso.util.Util} -
Content is not allowed in prolog.
{org.wso2.carbon.identity.authenticator.saml2.sso.util.Util} TID: [0]
[AS] [2013-05-14 16:13:32,389] ERROR
{org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator}
- System error while Authenticating/Authorizing User : Error occured while processing saml2 response
{org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator}
org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticatorException:
Error occured while processing saml2 response
at org.wso2.carbon.identity.authenticator.saml2.sso.util.Util.unmarshall(Util.java:87)
at org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator.login(SAML2SSOAuthenticator.java:64)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
I search the net for this error but I was not able to find something that could help me to solve this problem.
Any help is welcome.
Thanks.
this is due to a version difference between the SAML components being used in the two servers. We will make a public patch available.