i am facing issues in SSRS configuration:
A. i have two domain URL (https://xyz.domain1.com) and (ttps://abc.domain2.com).
B. i have certificate for each domain like
xyz.domain1.com - certificate one (*.domain1.com) -- 443
abc.domain2.com - 2nd certificate (*.domain2.com) -- 443
C. In SSRS - i have one virtual directory in web service URL
SSRS-> Webservice URL -> virtual directory name : "Report Service"
[enter image description here][1]
D. in advance setting
[enter image description here][2]
E. in Report manager URL, i am trying to bind two 443 domain but i cannot
while i bind both url and port 443 then i got this error
Microsoft.ReportingServices.WmiProvider.WMIProviderException: An SSL binding already exists for the specified IP address and port combination. The existing binding uses a different certificate from the current request. Only one certificate can be used for each IP address and port combination. To correct the problem, either use the same certificate as the existing binding, or remove the existing SSL binding and create a new binding using the certificate of the current request.
Question:
now i need to connect my report server using two different URL and unique SSL certificate each URL.
But i cant bind this two urls using 443 to connect report server.
I can bind one url and certificate then its working for one URL only.
How do i bind two URLS and certificate to one report server and make it work for two URL's
please help on this issue.
I suggest you try ignoring the error on the first URL ('Web Service URL') and proceed to bind the certs to the 'Report Manager URL' as well. You may have to manually edit the bindings in Advanced Settings, but once you get them looking right in Advanced Settings, SSRS should work.
And a second suggestion, though it looks like you already have done this: be sure the common name (CN) for the wildcard certs are *.domain1.com and *.domain2.com. SSRS will only accept host names that match the CN, and in your case, where you're binding 2 certs to same port, the CNs must be different.
Here's a related point for anyone trying to make the multiple hosts in a single subdomain case work: e.g, https://foo.localdomain/reports and https://bar.localdomain/reports.
Request your SSL cert with Common Name (CN) = *, not the server name or anything specific. Then list all the permutations of DNS names that you want to support in the Subject Alternate Name (SAN) field. The url looks funny in SSRS Configuration Manager (https:+:443), but it Works on the Wire(tm).
If you specify some non-wildcard for the CN, you'll get 'resource not found' error tryng to connect, although the SSL handshake will work.
To achieve the objective you need a Multi-Domain SSL or Wildcard SSL certificate, for example:
Multi-Domain SSL(Multiple Domains)
xyz.domain1.com
abc.domain2.com
Wildcard SSL(Sub-domains)
xyz.domain1.com
abc.domain1.com
Reference:
Multiple Domain (UCC) SSL
Secure multiple domains and
sub-domains on one certificate
Related
https://github.com/kubernetes/ingress-nginx/tree/main/docs/examples/grpc
In the above link under Prerequisites - 2nd point, it is mentioned to have a domain name configured to Ingress controller.
How to create or get a domain name in AKS?
I have a grpc application, trying to implement the same steps.
You have two Options, for both you need an own a domain Name (you can buy it at namecheap.com or godaddy.com).
First option: Switch the domain DNS resolution to Azure..
Second option: Create the AKS and add it as CNAME (AKS public FQDN, i would prefer this over using the IP) to the DNS records of your domain.
On my WP8 app, I followed instructions from here to register on push notifications service MPNS.:
HttpNotificationChannel pushChannel;
// The name of our push channel = the CN from certificate
string channelName = "CN-from-cert";
However, channel URI returned from the MPNS is always http:// and it seems like it's not using this secured connection. So, my question is:
How can I verify if my channel is using no-quote (secure) connection
What is needed on the client side (WP8 app)?
What is needed on the server side (sending push notifications)?
Many thanks.
I think you need to set ServiceName property (not channelName) to your service's domain name exactly as it appears on CN property in the server certificate that you will use. P.e., if your certificate's CN=www.mydomain.com, you must set Channel.ServiceName="www.mydomain.com". Channel name my be anyone that you like. This is at client side.
At server side you need to upload your cert file to developer.windowsphone.com dashboard and to your server too (with the private key).
You can check if MPNS recognize your secure channel by checking if channel URI generated starts with https:// instead http://. This not ensure that your server can send trusted notifications since it depends on if you have the same certificate in your server and specify it correctly in all petitions, but tells you that client side is ok.
You have detailed information about how to configure your server here:
http://msdn.microsoft.com/en-US/library/windowsphone/develop/ff941099%28v=vs.105%29.aspx
Best practices to implement a push notification system (including authenticated servers):
http://blogs.windows.com/windows_phone/b/wpdev/archive/2013/10/22/recommended-practices-for-using-microsoft-push-notification-service-mpns.aspx
i've noticed that on LoLReplays webpage you can now stream live games via their program LoLRecorder. I found this code on their page
href="lrf://spectator spectator.eu.lol.riotgames.com 2nHvYdkaSjjqC7f+mtHQeIhFcUSQLFu5 488978485 EUN1 3.01.0.1"
And i've tried a little to stream from my own (already recorded) game. But all i get is unable to find match. My question is: Does anyone here know how this works?
Thanks!
TL;DR; You can't stream anything, but you can open LoLReplay in spectator mode for a specific match.
Try reinstalling LoLReplay, seemed to fix the issues that I was having.
The title of your post is somewhat misleading as no streaming actually happens - all that the link does is open LoLReplay on your local machine and pass in the details of the match you want to spectate.
This will only work for matches that are happening now, as it connects in a similar way as the LoL client does when you spectate a match.
Calling LoLReplay from the browser
The links seem to be formatted as follows:
lrf://spectator [Observer IP Address][:Observer Port] [Observer Encryption Key] [Game Id] [Platform Id] [Client Version?]
lrf://spectator tells LoLReplay to open up in spectator mode.
Observer IP Address is required and can either be a hostname or an IP address. The hostname is usually in the format spectator.[eu/na/br/etc.].lol.riotgames.com.
Observer Port is optional, I believe it defaults to 8088 which appears to be the default spectator mode port.
Observer Encryption Key... is a required per-match encryption key.
Game Id is a required, per-match integer id.
Platform Id is a more specific version of the region, I guess relating to how Riot have grouped their servers. For example EUW1.
Client Version, the last field appears to be a version number - I can only assume this is either the version of the client that LoLReplay is using OR the version of the client the players in the match are using.
How to find IP address, encryption key etc.
Edit: you can now grab all the info you need using the official Riot API, you just need the SummonerId of the user you're querying for. See current-game API docs for usage.
I have a domain name abc.mydomain.com
This is a https URL ( http redirects to the https version )
However, I now need to be able to handle www.abc.mydomain.com to redirect to abc.mydomain.com
How can I do this? is it a webserver level redirect or something to be done at the DNS resolution.
I know my URL already has the "abc" as its sub-domain and I dont need a "www", however, we noticed that "www.news.google.com" resolves to "news.google.com" - hence wondering if I can achieve it too
Thank you!
In short, yes.
DNS works on a hierarchy - the DNS server for .com can delegate down to the nameserver for your domain which can delegate further, or just answer the requests, which needs to be your first step.
If you use Bind style zone files, you can do something like (where 123.45.67.89 is your webserver IP address):
* IN A 123.45.67.89
Then, you also need your webserver to resolve that to the right virtual host/redirect as desired.
Due to a limitation on our SMTP provder's side, we're having to use System.Web.Mail (deprecated), which is a wrapper around CDOSSYS.
Because we'd like to avoid having to change multiple configurations if we switch providers at a later date, we set up an internal alias for our providers FQDN.
So, mailrelay.ourdomain.com -> mailrelay.provider.com.
When I try to connect to either our alias or the provider's IP, a COM error bubbles up: "The transport failed to connect to the server." If I connect to the provider's true FQDN, everything works as expected.
I've looked in Wireshark, and I can see the certificate being requested, but not much happens after that.
I'm wondering if anyone knows if CDOSSYS checks to make sure the requested host name matches the FQDN on the certificate and fails if it doesn't match.
I've tried searching for an answer to this question, but I can't seem to find it.
I can't find a definitive answer, but from what I can tell, yes, CDOSYS does require a certification to match an SMTP server's FQDN when using SSL.