I have a backend API on port 3000 using an SSL certificate. I have it hooked up to my frontend and whenever it tried to query the API I get 'connection reset'. When I try to curl https://example.com:3000/ping, it returns the expected pong. But when I try to curl the same URL not from within my EC2 ssh, curl returns LibreSSL SSL_connect: SSL_ERROR_SYSCALL. Where is the problem? Is it in the SSL cert or in something I'm not catching?
Related
I am trying to configure mesibo communication services On-Premise Deployment and tried to deploy while backend application using docker - FastCGI - NGINX. I have followed the below URL https://mesibo.com/documentation/on-premise/#hosting-mesibo-backend-apis Please see the title "Hosting mesibo backend APIs". I have used the 11443 port to deploy the application in the docker.
While checking the command sudo netstat -ltnp getting the following output. So the process is running correctly.
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 267497/mysqld
tcp 0 0 0.0.0.0:11443 0.0.0.0:* LISTEN 535097/backend
When I try to run the command
curl http://0.0.0.0:11443 => getting error as "curl: (56) Recv failure: Connection reset by peer"
Please help me to get out of this issue.
========= Found the Issue - But it may be help someone
run the command 'ifconfig' to find the docker ip address. then try the curl command with that ip address.
Please note, mesibo DOES NOT have any web server so you can't use curl directly.
Refer to this document
https://mesibo.com/documentation/on-premise/#hosting-mesibo-backend-apis
It clearly says you should configure and point to your web server. In turn, your web server will connect to the mesibo FastCGI server. From the above doc
you need to configure a URL on your webserver to access backend APIs.
Any API request received on this URL should be forwarded to the mesibo
backend FastCGI server at the port specified in the command, port 5000
in above example.
Please follow the document and configure a URL on your web server and then curl to that URL.
I am trying to deploy my nodeJS API at Ubuntu Amazon Web Services. The app.js is runing at port 3002
As you can see my app.js is running at port3002 and firewall is allowing the connection with this port
Next test is send a request to my API using curl
curl -d '{"email":"adriel#admin.com","password":"Zxycok159!"}' -H 'Content-Type: application/json' http://localhost:3002/user/login
I got the expected response with curl.
res:
token: f0e4c2f76c58916ec258f246851bea091d14d4247a2fc3e18694461b1816e13b
To finish the process I will check my security groups, to allow 3002 port, and my private ip at AWS console.
public IPv4
18.221.231.202
private IPv4
172.31.17.178
It seems to be all right, but when I try to enter in a regular browser http://172.31.17.178:3002
I got a timeout response, can't connect properly and have an API response.
Res:
Unable to access this site 172.31.17.178 took too long to respond.
Try:
Check the connection
Check proxy and firewall
Run Windows Network Diagnostics
ERR_CONNECTION_TIMED_OUT
I tried the most common solutions (AWS EC2 security groups, Ubuntu Firewall, Curl tests) to this issue, but can't connect to API in the browser, any suggestions?
I don't know how can I have the properly response like when I do the same process at my local machine, at my local browser receive the expect response
You're trying to use the private IP of the instance. Use the public Ip of the instance. Private IP is only accessible within your AWS VPC (This depends). Public IP is what clients use to access your application.
The right away to configure nginx for both (front end and backend)
server {
listen 80 default_server;
server_name _;
# react app & front-end files
location / {
root /opt/front-end/dist;
try_files $uri /index.html;
}
# node api reverse proxy
location /api/ {
proxy_pass http://localhost:3002/;
}
}
This is the correct away to configure a website at 80
My server's hosted at DigitalOcean (it's a droplet) and basically, I cannot access my NodeJS app via Internet, only server-side. It's running on port 9000, I've allowed traffic to the port via ufw and iptables, no luck. When I run curl || wget while SSH-ed to the server, I get a normal response as if everything's in order. But when I try to access the server from an another machine, I just get timed out because the server returns nothing. I've heard DigitalOcean sometimes disable connections to all ports except ssh,www and ssl, but I think I've successfully 'opened' them. Any suggestions?
This is what I get when I run netstat -tulp | grep LISTEN
Turns out my dashboard was all messed up when it comes to ports, which I forgot to check, of course, so opening them directly on the server gave no results whatsoever.
I have an existing ssl certificate through LetsEncrypt for my domain. On the same server as my site I have an express app running at port :8080. Before adding the SSL to the domain I was able to make requests to http://domainname:8080.com. Now that the domain making the requests is https it obviously can't make those requests. If I instead make requests to https://domainname:8080.com, I get no response and instead get a timeout error.
I have attempted to curl -X -POST on the server manually and it returns (35) gnutls_handshake() failed: The TLS connection was non-properly terminated. If I however run the same command pointing to the non https domain it executes correctly. I also tried installing the https modules for express and pointing it to the same certs I'm using for the domain. For all my effort I cannot get this to work. What am I missing here? I want to make requests to a port on the same server that is serving my app.
Setup a reverse proxy in my nginx site config from the domain to the ip address the express server was running on. This solved all the issues I was having.
I've set up a HTTPS Node server on AWS EC2 which runs on port 4443 and set up Nginx to redirect requests(port 443).
https.createServer(options, app).listen(4443, function(){
console.log("https server started at port 4443");
});
The HTTPS server is working fine, I get a secure connection on browsers and
curl https://mydomain/apiroute works
Now, when I do
curl http://mydomain/apiroute the requests still work. The same goes for Postman.
I know that I can redirect all HTTP traffic to HTTPS using something like 301 redirects but my question is, why does the server respond to HTTP API calls inspite of there being no "HTTP" server?
Additionally, I use a letsencrypt generated certificate.