How to verify HTTP Request via API is secure? - rest

I am using Apex (Force.com) to send HTTP requests to a server that is hosted on AWS. How can I know if the server I am sending the HTTP request is using a valid certificate and my request will be encrypted before being sent out? I know I'd be able to look for the lock icon on the browser but since this is a RESTful API callout, I'm not sure how to do that. I found one similar question here and the answer seems to be PHP specific.

Message Analyzer Tool would help you here and this tool will track all communication including encryption.
Please install Message Analyzer tool in your client OR server environment and track the message.
Please check this link - https://technet.microsoft.com/en-us/library/dn727244.aspx
Regards
Abdul
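An added example, not part of the original question or answers: a client-side check, run from any machine that can reach the endpoint, that the server presents a certificate chaining to a trusted CA and matching the hostname, and which TLS version was negotiated. It uses only the Python standard library; `api.example.com` and the sample certificate are constructed placeholders.

```python
import socket
import ssl
import sys
import time
from urllib.parse import urlsplit

# Constructed sample in the shape SSLSocket.getpeercert() returns.
SAMPLE_PEER_CERT = {
    "subject": ((("commonName", "api.example.com"),),),
    "issuer": ((("organizationName", "Example CA"),),),
    "notAfter": "Jan  1 00:00:00 2030 GMT",
}

def endpoint_from_url(url):
    """Return (host, port) for an https:// URL; refuse anything else."""
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("not an https:// URL: the request would not be encrypted")
    return parts.hostname, parts.port or 443

def days_until_expiry(peer_cert, now):
    """Whole days before the certificate's notAfter (negative once expired)."""
    not_after = ssl.cert_time_to_seconds(peer_cert["notAfter"])
    return int((not_after - now) // 86400)

def check_endpoint(url, timeout=5.0):
    """Perform a strict TLS handshake and describe what was negotiated.

    create_default_context() requires a chain to a trusted CA and a hostname
    match, so a bad certificate raises ssl.SSLCertVerificationError during
    the handshake, before any request data is sent.
    """
    host, port = endpoint_from_url(url)
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            cert = tls.getpeercert()
            return {
                "host": host,
                "protocol": tls.version(),
                "cipher": tls.cipher()[0],
                "issuer": dict(rdn[0] for rdn in cert["issuer"]),
                "days_left": days_until_expiry(cert, time.time()),
            }

if __name__ == "__main__":
    try:
        print(check_endpoint(sys.argv[1]))
    except ssl.SSLCertVerificationError as err:
        print("certificate rejected:", err.verify_message)
```

Run it as `python check_tls.py https://<your-endpoint>/`; a rejected certificate is reported instead of a result dictionary.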

Related

Trace HTTPS Web API calls from iPhone App

I am working with an iPhone application which interacts with a Web API. Since the endpoints are HTTPS, the data which is communicated between the device and the Web API is supposed to be encrypted.
I am in need of finding every endpoint and the data which is communicated (headers, body content) for each business scenario and for negative testing flows.
Since the data which is transmitted is encrypted, I was unable to trace it from Fiddler, which I tried while referring to several online tutorials.
(The reason why I need this is that I have been assigned to make an API automation tool to simulate all the testing scenarios (happy path, negative test cases, etc.))
Is there any better approach I can take to trace these API calls?
OR, is there a tool which I can try to trace these Web API calls which sends and receives from the iPhone?
TIA
Managed to get the certificates for the HTTPS endpoints and added them to the Certificate Manager (on a Windows PC). Afterwards configured the proxy ports with the Fiddler echo service from the mobile device and was able to trace the HTTPS calls.
With the certificates installed, intercepting the HTTPS traffic is possible.

Can I use localhost as a URL callback in a Messenger webhook

Good evening, I just saw that Facebook released its Messenger bot toolkit and I immediately jumped right into it to learn more about it and maybe try to do my own.
My problem is that I don't have an HTTPS website running and it requires a valid HTTPS URL. I tried to use my local web server that has a certificate but it doesn't work.
My question is if this is possible to be done using a localhost url at all.
Thank you in advance
Actually this is possible with localhost. Use ngrok. It allows you to open localhost to the public web, over http or https. This should only be used for testing however.
If you want to test webhooks on your local environment, I would try ultrahook.com, you can get an API Key for free and the tool creates a tunnel from a public URL to your computer. This is from their FAQs page:
You download and run the UltraHook client on your computer. It
connects to UltraHook servers in the cloud and creates a tunnel from a
public endpoint on our servers to your computer. Any HTTP POST
requests sent to the public end point will be sent through the tunnel
and delivered to a private endpoint accessible from your computer.
I have used it to test webhooks from different providers (like payment gateways). In your computer, you can run something like:
ultrahook <subdomain> http://localhost:8000/webhook/
and then configure the webhook URL in your external service to something like <subdomain>.ultrahook.com
My question is if this is possible to be done using a localhost url at all.
No, of course it isn’t – because what such a “callback” actually means, is that Facebook makes a request to your server – and that is hardly possible with localhost.
A valid SSL certificate for your website is easy to get for free these days, via LetsEncrypt. And even if that is not available on your server, there’s still StartSSL, that provide basic certificates for free. All you need is a server you can install them on, or upload them to, or whatever mechanism your hoster provides for it. (And if they don’t provide any, then it might be time to switch.)

Is there any proxy software (like proxifier) which can use Kerberos authentication?

My company uses PAC file to restrict any outgoing traffic through proxy server. The problem is, a lot of software does not provide the option to 'use IE setting', so that they cannot be connected to the internet.
I checked this PAC file and found the right proxy server. But after I tried to use the proxy setting for these IE-unfriendly software, they still cannot get online. I used Chrome to capture some packages and found the HTTP header containing some Negotiation data. So I assume this proxy server uses some auto-login mechanism like NTLM or Kerberos.
But after I downloaded the famous Proxifier and tried to reroute the net traffic for some software, NTLM method did not work. I get the 502 error. Bummer...
Any hero comes to help! Am I thinking in the wrong way? Merci beaucoup!
This is not a programming question but, did you try
cntlm (http://cntlm.sourceforge.net/) or
ntlmaps (http://ntlmaps.sourceforge.net/)?
Hope this helps

enable http-bind on openfire

I am trying to enable a BOSH connection over Openfire so that I can create an XMPP client over the web. Currently I am testing it with strophe.js.
The problem is when I try to fire the following URL in a browser I am getting
http://www.mydomain.com:7070/http-bind
following error
HTTP ERROR 400
Problem accessing /http-bind/. Reason:
Bad Request
Powered by Jetty://
Here is my server setting. I saw a few threads but they aren't helpful.
update
I have made a connection using Strophe but I am getting the following error in the browser trace
It's now working in my system.
I think the error you encountered may actually be a configuration issue with Openfire.
It is designed to reply with HTTP 400 Bad Request if there is no <body/> element in the request. You can test this yourself by providing a <body/> element in your query.
Try the following URL in your browser:
http://www.servername:7070/http-bind/?<body rid="1"/>
In your update Strophe is sending OPTIONS HTTP requests which means that it is negotiating cross domain communication. Requests are painted red which means that this is failing for some reason. Probably misconfiguration.
There is a nice article about that here: http://metajack.im/2010/01/19/crossdomain-ajax-for-xmpp-http-binding-made-easy/
Otherwise, when Strophe does its regular BOSH communication it uses POST method.
Your setup is correct. The page the browser displays to you is also normal. Openfire's BOSH component is not designed to work in a browser with HTTP GET, only with BOSH clients like Strophe. Try to connect with Strophe.
You should use a proxy to repost the request to the Openfire server, because the JS post cannot support cross domain.
Notes:
1. I use jsjac, but I think it's not important.
2. If you are sure your config is right, please restart your Openfire server. That's my experience.
If server is properly configured it should display
HTTP ERROR: 404
Problem accessing /http-bind/. Reason:
Not Found
Powered by Jetty://
The Bad Request was gone when I uninstalled and reinstalled Openfire as in here.
Below works for me. I am pinging the Openfire server after some interval so clients remain alive...
I just append "/?<body rid='1'" to the server name and I don't have the 400 bad request error.
XMPPconnection.sendIQ($iq({ to: XMPPserver+"/?<body rid='1'/>", from: CurrentUserJID, type: "get" }).c('ping', { xmlns: "urn:xmpp:ping" }));

XMPP over BOSH - jappix.com replies always with empty body

I am implementing XMPP service in the browser using BOSH. I use JAXL library. I am able to manage the connection over BOSH to my localhost server (ejabberd). The session is started and the user is authenticated with no problem. However, when I just change the BOSH host to jappix.com, the very first response from the server is only empty body. Even if I repeat the request (according to XEP-206) I still get only empty body so I'm unable to perform any other actions.
So that's my question: Is it possible to use jappix.com to handle my BOSH requests? Are there any limitations? How can I fix this issue? I'll provide more information if needed.
I am the Jappix.com owner!
Your question does not concern our service directly but more likely a node-xmpp-bosh - the BOSH server we are running - bug (?) that you can report on http://code.google.com/p/node-xmpp-bosh/