My environment : windows server 2019, isolated network w/o internet access, local instance of gitlab server, gitlab-runner v 15.2.0.
I try to register runner on my gitlab server i got this error:
ERROR: Registering runner. failed runner=<runner> status=couldn't execute POST against https://test-gitlabserver/api/v4/runners: Post https://test-gitlabserver/api/v4/runners: net/http: TLS handshake timeout PANIC: Failed to register the runner. You may be having network problems.
So, I check that port 443, 80 is accessible, certificate chain is valid, certificate trusted authority is up to date, check certificate revocation list is up to date. When I'm do
curl https://<test-gitlabserver>
everything is ok, But runner still not register.
After that I have the internet access on this windows server and it's work like a charm, but it's must be isolated network. I do a few wireshark capture to compare sessions and I see - if internet connection is down, after TLS "client hello" phase, connection with gilab server close, but if internet connection is up, after TLS "Client hello", i got "Server hello" and runner succesfully register
P.S sry for mistakes in text=)
Related
Essentially I cannot connect to an SSH server anymore. Whenever I try to connect I get the following error:
ssh: connect to host HOSTNAME port 22: Connection refused
Note that I am able to connect from a different machine. Hence, the issue seems to be client side. Furthermore, I also cannot pull/push to git repositories that are cloned via ssh. Again, when pulling I get the following error:
ssh: connect to host github.com port 22: Connection refused
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists
It seems like I somehow nuked my SSH installations/config files. I have reinstalled SSH but this did not fix the problem. Any ideas?
Note that you never "connect" to github.com directly (no interactive shell)
As mentioned here, "Connection refused" means
invalid IP address for github.com (manual entry in /etc/hosts or your resolver)
firewall along the way to github.com which blocks the ssh traffic (eg. local firewall or corporate firewall)
So is the other machine (where you do succeed) on the same network?
Check if the other machine SSH config file was not using ssh.gthub.com port 443 (instead of the default github.com:22, typically blocked in a corporate environment).
Failed to complete tunnel connection
The connection to http://cc1e064782fc.ngrok.io was successfully tunneled to your ngrok client, but the client failed to establish a connection to the local address localhost:80.
Make sure that a web service is running on localhost:80 and that it is a valid address.
The error encountered was: dial tcp [::1]:80: connectex: No connection could be made because the target machine actively refused it.
Hi, I was setting up ngrok and got this error, I disabled the firewall too.
Take a look at this video where I show you the error.
https://youtu.be/uP4B79w4s7c
Its kind of a message that ngrok successfully created tunnel to your pc at port 80 but there is no service running at that port in your OS, Mostly people run a web server at 80 but you can run any service at that port.
So lets assume you are running a web server in your OS on port 80 then you can access that web server from anywhere on the internet using that ngrok tunnel.
I was setting up the GitLab Runner on another server system . I faced an error in the Registration step. The error said ‘having a network problem’.
The detailed description of the error is
“ERROR: Registering runner… failed . Couldn’t execute POST against http://gitlab.sw.st
ratus.com/api/v4/runners: Post http://gitlab.sw.stratus.com/api/v4/runners: dial
tcp 134.111.200.59:80: connectex: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.”
The thing is the server system on which I am trying to set up the GitLab Runner uses the port 80 for talking to an Apache server. Is there any way, I can make the GitLab Runner dial a connection on any other port apart from 80?
Regards,
Poornima
You should modify advertise_address and listen_address in your Runner configuration.
[session_server]
listen_address = "0.0.0.0:8093"
advertise_address = "gitlab.com:8093"
Check here to get the full documentation.
I have an API running with express using https. For testing, I've been using tinycert.org for the certificates, which work fine on my machine.
I'm using docker to package up the app, and docker-machine with docker-compose to run it on a digital ocean server.
When I try to connect with Chrome, I get ERR_SSL_VERSION_OR_CIPHER_MISMATCH. When running this with curl, I get a handshake failure: curl: (35) SSL peer handshake failed, the server most likely requires a client certificate to connect.
I tried to debug with Wireshark's SSL dissector, but it hasn't given me much more info: I can see the "Client Hello" and then the next frame is "Handshake Failure (40)".
I considered that maybe node on the docker container has no available ciphers, but it has a huge list, so it can't be that. I'm unsure as to what's going on and how to remedy it.
EDIT
Here's my createServer() block:
let app = express();
let httpsOpts = {
key: fs.readFileSync("./secure/key.pem"),
cert: fs.readFileSync("./secure/cert.pem")
};
let port = 8080;
https.createServer(httpsOpts, app).listen(port);
I've had this problem for a really long time too, there's a weird fix:
Don't convert your certs to .pem; it works fine as .crt and .key files.
Add ca: fs.readFileSync("path to CA bundle file") to the https options.
It looks like your server is only sending the top certificate and the CA bundle file has the intermediate and root certificates which you'll need for non-browser use.
IMPORTANT! Reinstall or update node to the latest version.
You can use sudo apt-get upgrade if you're on Linux (it may take a while).
Re-download your certificate or get a new one.
If you are acting as your own certificate authority it could be not recognizing / trusting the certificate, so try testing your site on ssllabs.com.
If you're using the http2 API try adding allowHTTP1: true to the options.
My client has provided an ip is 192.168.1.205 of linux machine on which JBoss server & mySql db are installed and accessible after VPN connection only.
Previous Status Summary
VPN connected ...
Deployed EAR application to server <JBOSS_HOME>/server/default/deploy/
Start Server e.g.
#<JBOSS_HOME>/bin:> ./run.sh -b 192.168.1.205
Application access in browser : success
Now client has provided a public IP (119.55.15.165) and says application can be accessed without VPN connection. I did the same as above but neither application is accessible via public ip nor #192.168.1.205 after vpn connection while i can see the process id and server log file which proves that JBOss is started and application is running.
As i tried to start application service with following command but deployment got failure
#<JBOSS_HOME>/bin:> ./run.sh -b 119.55.15.165
Status: Deployment Failure
#<JBOSS_HOME>/bin:> ./run.sh -b 192.168.1.205
Status: Deployment Success, Server started, Appl'n running but not accessible in browser
Please help me out on this.