Error contacting the Parsoid/RESTBase server: (curl error: 60) SSL peer certificate or SSH remote key was not OK
That is the error I receive when I set HTTPS in $wgServer.
and
Error contacting the Parsoid/RESTBase server (HTTP 500)
That is the error I receive when I put HTTP in $wgServer.
It is not a private wiki and is hosted on a domain with a successful SSL Certificate. What do I do to fix this?
Related
This question has puzzled me while looking into a Mutual SSL failure between my client app and an external Server.
When my app tries to connection to the external server's rest API - let's call it https://www.server.com/api/resolve - I expect a "Certificate Request" handshake element to be sent with their Server hello. As far as I can tell from a tcpdump of all traffic between me and the server, it is not sent. Only a "Server Hello, Certificate, Certificate Status, Server Key Exchange, Server Hello Done" is sent:
tcpdump of TLSv1.2 handshake: https://i.stack.imgur.com/50Ous.png
However when I try to access that same API URL in Chrome, the browser displays a box asking me to select my client certificate for mutual authentication. When I capture a dump of that handshake up to the point where the browser prompts me for a certificate, I still see no "Certificate Request" sent by the Server:
Tcpdump of browser navigation to API: https://i.stack.imgur.com/hvOEx.png
After selecting a certificate in Chrome, I'm directed to the site, however I see no Client "Certificate" sent in my TLS1.2 capture either.
My question is, is there any way can Chrome know a client cert was requested by the server if that request is not sent in the TLS handshake?
Alternatively, is it possible wireshark is lying to me? When I test against, for example: https://client.badssl.com/ which requests Mutual SSL, I see the Certificate Request right after the Server Key Exchange exactly as I should. I noticed in the TLSv1.2 RFC (https://www.rfc-editor.org/rfc/rfc5246) it notes:
"In particular, the certificate and certificate request
handshake messages can be large enough to require fragmentation."
But this should be irrelevant to how Wireshark is displaying the TLS info.
There are several Encrypted Handshake Message in the packet capture after the application data. This very likely means that the server itself does not request a client certificate by default but that the certificate is only requested for specific URL.
In this case first a TLS handshake is done without a CertificateRequest. Once the handshake is finished the client sends the HTTP request over the encrypted connection which is the Application Data in the packet capture. The server will determine that the requested URL needs a client certificate and initiate a renegotiation, i.e. another TLS handshake but this time with a CertificateRequest. But since the connection is already encrypted this renegotiation is only visible as Encrypted Handshake Message and the details cannot be seen without decrypting the traffic.
here is the error i got[Send Mail Task] Error: An error occurred with the following error message: "Failure sending mail. System.Net.WebException:
The remote name could not be resolved: 'smtpserver'".
That usually means that you don't actually have an smtp server named "smtpserver". At least not one that your SSIS server can connect to.
I installed and configured SMTP module with proper details in Drupal 7. I tried to send test the mail in Windows 2012 server but am getting the below error.
SMTP -> ERROR: Failed to connect to server: php_network_getaddresses: getaddrinfo failed: This is usually a temporary error during hostname resolution and means that the local server did not receive a response from an authoritative server. (0)
SMTP Error: Could not connect to SMTP host.
Unable to send e-mail. Contact the site administrator if the problem persists.
The same build is working fine in Windows XP, 07, and Ubuntu environments. What is causing this problem?
Correct the TLS port for gmail SMTP configuration. It should be 587. You can refer to below link -
https://support.google.com/a/answer/176600?hl=en
I am trying to download files from a FTP site inside my production environment. The FTP site has been assigned with a certificate (pfx). The FTP port is 21.
Due to this certificate I am unable to download the content using FTP task in SSIS.
I tried using script task however I got the same error that ftp cannot accomplish the connection due to certificate.
I also tried with SFTP component but that gave me a error shown below
[Execute: ] Error: Error: Unable to List: Socket read operation has
timed out
at SSIS.Extensions.SFTP.SFTPConnection.ThrowException(String
Message, Exception ex) at
SSIS.Extensions.SFTP.SFTPConnection.ListFiles(String remotePath) at
SSIS.Extensions.SFTPTask.SFTPTask.Execute(Connections connections,
VariableDispenser variableDispenser, IDTSComponentEvents
componentEvents, IDTSLogging log, Object transaction)
I googled the error and found out that SFTP does not use TLS/SSL (neither implicit nor explicit). Explicit/Implict TLS/SSL is used with FTP from the post
SSIS SFTP : How to resolve "Unable to Upload: Socket read operation has timed out"?
Is there a way to connect to FTP that has a certificate associated with it using SSIS?
Found the answer.... We can use the FTP task itself to connect with a FTP that has a certificate associated with it.
Below are the workaround for this...
There are three SSL options when we create a FTP site in IIS.
Allow SSL
Require SSL
No SSL
NO SSL option will not allow SSL certificates to be used for the FTP
Allow and Require SSL provides the SSL feature for the FTP.
In the FTP site that I had has the Require SSL option selected. I
changed that option to Allow SSL which still enables the SSL feature
for the FTP but allows the FTP task
I am connecting to google geocode web service from .NET code. It works perfectly in my local machine and when deployed in windows 2003 std. server, I am getting the below error.
System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
Where can I get the certificate for Google web service? I tried downloading it from chrome by hitting the url and saved the certificate in a file and added to Trusted certificate store but still having same issue when the site is running.
Any suggestion will be greatly appreciated.