I've configured a service hook -> webhook that invokes a remote HTTPS URL with a valid certificate.
When testing the webhook I get this error:
There was an error sending the request, so there was no response.
Error(s):
An error occurred while sending the request.
The underlying connection was closed: An unexpected error occurred on a send.
You may not call this function on a different context than the original request
Invoking the same URL with curl everything is fine.
EDIT: Reading answers with a similar error I thought the problem could be related to the TLS version used by Azure Devops.
My remote service was enabled for TLS 1.3 and 1.2 and failed with <= 1.1.
I configured it to allow TLS 1.0 and 1.1 as well and I keep getting the same error.
I had checked "Accept untrusted SSL certificates". Unchecking it fixed the problem.
Related
I have deployed the nodejs application to a pivotal cloud foundry. Deployment is successful, but when I am trying to access any page which has a post request, getting the '502 Bad Gateway: Registered endpoint failed to handle the request' error. For handling port, I have used the cfenv module, but I am getting this error for post requests in which I have post URL with the port as 'https://my-neptune-cluster.cluster-cr2fhfjprba.us-east-1.neptune.amazonaws.com:25881'. Can someone help me with how can we resolve that?
Installed 2 different member servers with Azure AD Connect cloud agents both have an inactive status.
I confirmed;
Both installs complete successfully
Proxy settings are off
Since the Azure port test URL is no longer working I manually tested several of the URLs listed on https://learn.microsoft.com/en-us/azure/azure-portal/azure-portal-safelist-urls?tabs=public-cloud, they were working
Here is a snippet from the local/server logs;
AADConnectProvisioningAgent.exe Error: 0 : Service bootstrap request failed with exception: 'System.ServiceModel.EndpointNotFoundException: There was no endpoint listening at https://[UUID].syncfabric.bootstrap.his.msappproxy.net/ConnectorBootstrap that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details. ---> System.Net.WebException: The remote server returned an error: (407) Proxy Authentication Required.
at System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, TransportContext& context)
at System.ServiceModel.Channels.HttpOutput.WebRequestHttpOutput.GetOutputStreamAsyncResult.CompleteGetRequestStream(IAsyncResult result)
When it says "the remote server returned an error: 407 proxy authentication", is that MS end or our end?
After trying numerous updates to the machine.config file, as with most MS products there are 100 different options to "try" to get the proxy settings right. None worked even after restarting the service.
We eventually gave up on that and manually set the proxy itself to allow the Azrue AD agent computer/IP to skip/bypass authentication and it connected successfully.
We're trying to use a client certificate to authenticate when calling an OData service in SAP S/4HANA. And we're calling from an azure APIM instance. As certificate we've created a self-signed certificate and configured SAP S/4HANA according to this blog (https://blogs.sap.com/2020/05/03/x.509-certificate-based-logon-to-odata-services/)
Then we test this from the browser it works like a charm.
But calling from azure APIM we get the following response from SAP S/4HANA:
<?xml version="1.0" encoding="utf-8"?> <error xmlns:xsi="http://www.w3.org/2001/XMLSchema-Instance">
<code>HTTP/404/E/Not Found</code>
<message> Service /sap/opu/odata/sap/xxxxyyyy/xxyyzz call was terminated because the corresponding service is not available.The termination occurred in system UFI with error code 404 and for the reason Not found. Please select a valid URL. If it is a valid URL, check whether service /sap/opu/odata/sap/xxxxyyyy/xxyyzz is active in transaction SICF. If you do not yet have a user ID, contact your system administrator. </message>
SAP S/4HANA support says that then calling from browser they can 'see' certificate in payload but then calling from APIM, the payload is 'empty'.
I've got the trace logs from the SAP S/4HANA gateway server and I've noticed this subtly difference calling from browser vs calling from APIM:
Browser call (successfull):
[Thr 140708195055360] HttpModGetDefRules: determined the defactions: COPY_CERT_TO_MPI (1)
APIM call (failed):
[Thr 140708197697280] HttpModGetDefRules: determined the defactions: NOTHING (0)
So the certificate is obviously reaching SAP S/4HANA gateway server but not the SAP S/4HANA Odata server. So somehow, for some reason it's lost on the SAP S/4HANA gateway server only then it comes from azure APIM.
I've tried to make the calls 100% identical (same headers same values) but I can't control the way the certificate is added in azure apim or can one ?
I read that one can set the certificate body using policy below:
<authentication-certificate body="#(context.Variables.GetValueOrDefault<byte[]>("byteCertificate"))" password="optional-certificate-password" />
but I can't figure out how to get a proper value for "byteCertificate".
Has anyone done this? Or has anyone had a similar issue?
We finally found the solution!
Thanks to microsoft APIM support team, thanks a lot :)
APIM acts like a reverse proxy and adds headers related to this role. The header "X-Forwarded-For" causes SAP to deny the request with the above misleading error message. We found a solution that SAP could configure:
ICM parameter "icm/HTTPS/accept_ccert_for_x_forwarded_for_requests" has to be set to "true" - per default it's set to "false".
(The header can't be deleted with a policy on APIM side.)
We have SignalR service hosted on Azure.
For technical reasons, it is essential for us to maintain as stable connection between client and host as possible. And what is happening is that at relatively random intervals some clients got disconnected. We know that this is not related to internet connectivity on the clients's side.
So, the question is, how we can determine reason of a disconnect.
Our SignalR hub implements overrides 'OnDisconnectedAsync'. And this method has 'Exception exc' parameter. Unfortunately every time it get's triggered, exc is always null (I was hoping to find details for disconnect there).
Additional details:
We user following SignalR packages on Server side:
Microsoft.AspNet.SignalR (2.4.0)
Microsoft.Azure.SignalR (1.0.5)
On client side we use "Microsoft.AspNetCore.SignalR.Client.Core" (1.1.0)
Also, we checked and we have enough resources on Azure SignalR (units)
Here are logs when user gets disconnected (happen after OnDisconnectedAsync):
2020-03-15 11:38:07.391 +00:00 [Debug] Microsoft.AspNetCore.SignalR.HubConnectionHandler: OnConnectedAsync ending.
2020-03-15 11:38:07.391 +00:00 [Debug] Microsoft.Azure.SignalR.ServiceConnection: Sending close connection message to the service for GFf8suySt2eMsOCLuYg0-wbb16618b1.
2020-03-15 11:38:07.391 +00:00 [Debug] Microsoft.AspNetCore.Http.Connections.Client.Internal.WebSocketsTransport: Received message from application. Payload size: 36.
2020-03-15 11:38:07.393 +00:00 [Debug] Microsoft.AspNetCore.Http.Connections.Client.Internal.WebSocketsTransport: Message received. Type: Binary, size: 37, EndOfMessage: True.
2020-03-15 11:38:07.393 +00:00 [Debug] Microsoft.Azure.SignalR.ServiceConnection: Received 37 bytes from service 12aa875c-a5b6-4842-8bc1-2d67e7ab30f6.
2020-03-15 11:38:07.393 +00:00 [Debug] Microsoft.Azure.SignalR.ServiceConnection: Connection GFf8suySt2eMsOCLuYg0-wbb16618b1 ended.
When the client is connected to the Azure SignalR, the persistent connection between the client and Azure SignalR can sometimes drop for different reasons. This section describes several possibilities causing such connection drop and provides some guidance on how to identify the root cause.
Possible errors seen from the client-side:
The remote party closed the WebSocket connection without completing the close handshake
Service timeout. 30.00ms elapsed without receiving a message from service.
{"type":7,"error":"Connection closed with an error."}
{"type":7,"error":"Internal server error."}
Root cause:
Client connections can drop under various circumstances:
When Hub throws exceptions with the incoming request.
When the server connection the client routed to drops, see below section for details on server connection drops.
When a network connectivity issue happens between client and SignalR Service.
When SignalR Service has some internal errors like instance restart, failover, deployment, and so on.
Please refer to https://github.com/Azure/azure-signalr/blob/dev/docs/tsg.md#client-connection-drops
When I call the bing speech rest api a few days ago, I get an error and do not return a result.
System.Net.WebException: The remote server returned an error: (503) Server Unavailable.
at System.Net.HttpWebRequest.GetResponse()
at SpeechRESTSample.Program.Main(String[] args) in C:\Users\kaki1\Source\Repos\Cognitive-Speech-STT-ServiceLibrary\sample\SpeechRESTSample\Program.cs:line 78
The remote server returned an error: (503) Server Unavailable.
Renewed token.
or Internal Server Error
Does not provide services?
If I use the sample code directly to get the token then I got the 401 error.
The FetchTokenUri is changed from https://api.cognitive.microsoft.com/sts/v1.0 to
https://{region}.api.cognitive.microsoft.com/sts/v1.0/issueToken
we could get the authentication endpoint from this link.
And the endpoints for the Speech to Text REST API is the following format
https://{region}.stt.speech.microsoft.com/speech/recognition/conversation/cognitiveservices/v1
I also test it locally I can get the token with the endpoint.
For more demo code, please refer to this.