am trying to connect to our vault server hosted in a know IP using vault api "e2vault.jar" through my java application.
*note:
I can connect to the server remotly. so my device ip are connected to the server
When i use the runnable jar of my application in the vault server, i works successfully
*
sample code:
VaultClient vaultClient = new VaultClient();
vaultClient.connect("Vault_Server_IP", 6002);
Related
I am trying to do a https rest API call with a SSL certificate(PFX file) which have a password. I tested the connection from my desktop with SOAP UI and it is working fine.
I have a web application which is running on tomcat and I need my tomcat to send this certificate for all the http/https call which it will make.
I am not a tomcat person so i am stuck with this now.
I can find in online about how to set up a keystore & server.xml so that my web app can use Client Authentication against things connecting to it, not for when it needs to connect out to some other server(outgoing call).
my tomcat version is : 9.0.22
connector settings on my server.xml file
I've searched around so apologies if this is a repeat question:
A web service provider I work with has migrated to the cloud, requiring TLS connections.
My customer's (The web service consumer) java environment is setup with Tomcat acting as the container, connected via AJP to an IIS (v6) web server. The IIS server is where the Security is handled.
[Tomcat srv running WS Client] --AJP Connector--> [IIS server w/ SSL] ---> [Secure Web Service]
I'm trying to understand how to invoke the HTTPS connection from my app. From what I understand, the IIS server will create the HTTPS connection, but I don't have access to that certificate/keystore on the tomcat server (at least that's my understanding). Is there a way in java to invoke an HTTPS connection remotely so the IIS server can use it's certificate?
Any help would be appreciated!
I wanted to use vault server to store secrets and deploy it on openshift.
I wrote this dockerfile, built the image and pushed it to the openshift registry and created a deployment from this image stream:
FROM vault:1.5.0
ADD *.hcl /etc/config.hcl
ENTRYPOINT ["vault", "server", "-config=/etc/config.hcl"]
Here is the config:
storage "file" {
path = "/vault/data"
}
listener "tcp" {
address="127.0.0.1:8200"
tls_disable=1
}
disable_mlock = true
api_addr = "http://127.0.0.1:8200"
I created a route to the 8200 port. When I use the vault CLI from inside the vault-server pod it works fine, I can login, configure etc. When i use the openshift cli on my local computer to forward port 8200 to my local 8200 port I can also access the API.
The problem is I cannot access the API from anywhere outside the pod. The route fives me a 503 response and when trying via http://vault-server.namepsace.svc:8200 I get connection refused (using Spring Rest Template).
How can I configure Vault to also accept external traffic?
Your listener block means you are only listening for connections from localhost. Change the address field to 0.0.0.0:8200 to listen on all interfaces:
listener "tcp" {
address="0.0.0.0:8200"
}
And please don't forget to enable TLS as soon as you've got connectivity working.
I have deployed a java backend in a docker container running on Google Cloud Run, now am having connection issues. I can reach my java backend using chrome and postman, but not flutter.
I am connecting to it using a flutter app. My java backend uses Jetty embedded for http. Previous to this, I did development on my local machine, and in the flutter app I would hard code in my servers LAN IP. The client connected reliably in this scenario
I have since deployed to Google Cloud Run and am not able to connect to the backend with my client.
I have tested the docker container locally, and I was able to connect to my backend when running the container using this command...
docker run -p 8080:8080 --network="host" image1
In the google cloud run console, I set the port to 8443.
In my flutter app. I have changed the URL from...
https://192.168.100.103:8080
To the url the Google Cloud Run specifies as my IP (I then added the port)...
https://blahblah-82j3flsijf-uc.a.run.app:8080
My flutter code that establishes the connection is as follows...
HttpClient client = HttpClient();
client.connectionTimeout = Duration(seconds:2); // throws SocketException after timeout
client.badCertificateCallback = ((X509Certificate cert, String host, int port) => true); // find the way to specifically accept a self signed certificate
HttpClientRequest request = await client.getUrl("https://blahblah-82j3flsijf-uc.a.run.app:8443");
request.headers.contentLength = requestBody.length;
request.write(requestBody);
My java backend code that establishes the jetty http server is as follows....
Server server = new Server(8080);
HandlerList handlers = new HandlerList();
handlers.setHandlers(new Handler[]{ new MessageHandler(), new DefaultHandler()});
server.setHandler(handlers);
server.start();
server.join();
When I try to connect from my flutter client, I get http 400 bad request.
I solved my issue. I had a few problems here.
First was that I was using https encryption in my java app when Google Cloud Run takes care of that for me. So I disabled https in my java app. I assume Google Cloud Run requires your container to handle only http requests (not positive though).
Secondly, I changed all my ports to run the Google Cloud Run default of 8080, and then completely removed the port from my flutter url.
Thirdly, I was calling HttpClient.getUrl which performs an http GET, but I was also adding a request body to the get. You should not add a body to a GET request. This previously worked for me because both my jetty based java backend, and the flutter dart:io HttpClient are completely fine with this violation, and both worked with a GET with a body. As soon as I introduced Google Cloud Run layer, it introduced more stringent enforcement of the http protocol, and correctly returned bad request when I sent a GET with a body.
If you are adding a body, use dart:io HttpClient.postUrl.
I have a java application ,which trasfters a file to SFTP server.
Our application use jsch for implementation of sftp client in java.
Jsch requires below parameters to connect to a SFTP server:
Host name of SFTP server: XX.XX.XXX.XXX
Port : 22
Username : abc
Password : ****
My application is working fine and transferring the file when I deploy it on Unix boxes or run in my local machine.
Now I am going to deploy the application on Cloud Foundry, but this is giving me ConnectException.
2018-03-14T19:07:40.41+0530 [APP/PROC/WEB/0] OUT com.jcraft.jsch.JSchException: java.net.ConnectException: Connection refused (Connection refused)
I have updated the security group :
{
"destination": "XX.XX.XXX.XXX",
"protocol": "tcp",
"ports": "22"
}
PS:
"protocol": "sftp" is invalid ,so I gave "protocol": "tcp"
Cloud foundary(Private cloud) and SFTP server both are in my local premises.
I read about volume services but ,I did not find any clue. We do not have marketplace accessible, so If volume service can help then we will have to build those service.
Queries:
How can I access my SFTP server via a application which is deployed on Cloud Foundry?