IBM API Connect apps published to Bluemix inaccessible - node.js

I followed API Connect getting started guide to create a local loopback API app and tested successfully. Then I am trying to follow Publish Your API to Bluemix. The publishing is successful. The app is running. But clicking the app yields Chrome error:
This site can’t provide a secure connection
ddd.abbr-dev2.apic.mybluemix.net sent an invalid response.
I suspect the problem is incorrect port. According to CloudFoundry Nodejs tips, the port should use process.env.PORT, but loopback defaults to 3000. Following this clue, I tried adding config.local.js:
module.exports = {
port: process.env.PORT
};
But the service end point is still inaccessible.
Please Help. Thanks

This is actually by design. Since your API's implementation is on the public internet, it is secured via Mutual TLS. The only way to access it is via the API Connect gateway, thus ensuring the API is managed.
If you want to make it accessible publicly, open the app in the Bluemix console and add an additional route to the app, using the mybluemix.net domain.

Related

Google Cloud App Connecting to Atlas MongoDB

I am a newbee to Google Cloud, however, I setup the project based on Standard App Engine based for my Node.JS application. I downloaded the code from GIT and able to deploy. In my code, it tries to make a Mongo connection to my Replication Server that is hosted at Atlas MongoDB (I guess it's on AWS EC2 instance). I have access control enabled so only server to server with known IPs can connect to my MongoDB.
Obviously I was expecting the connection from my freshly deployed app to fail. So to remediate I want to add the external IP of the instance from Google Cloud (whatever is the Public IP that is seen) to Mongo Network Access. I tried a few IP address I thought are the right ones but it's not working. I see the connection is trying to make to Atlas but it's failing because I am not sure what Public IP address is seen from AppEngine (Docker Instance?)where my app is running.
I tried 0.0.0.0/0 - open to all clients and my app works just fine, however I definitely don't want to open MongoDB access to entire world. If anybody knows more about Google Cloud please help.
Thanks in advance for replying if you have important info to share.
Google App Engine doesn't have an External/Static IP that you can refer. This can be achieved by using a VM on Google Compute Engine that has an External IP with proxy to your App Engine.
Besides that, there is a Feature Request open for this to be checked by Google that you can access here:
Provide static IP for outbound urlfetch requests
Besides that, you can access the documentation Static IP Addresses and App Engine apps, to find out more information on options already available on App Engine.
Please, let me know if the information helped you.

How does an azure app service access a no azure web server

I have an Azure app service and in some cases I need to send a web request to a non-azure webserver. What do I need to do to make it possible.
Currently the web request fails with no clear error message.
In response to a HttpClient Put request I get a System.Net.WebException exception which says there were errors.
THe same request works from a desktop application.
If your webserver is reachable from the internet you should be able to access it through your App Service. Try to log a ping to your webserver and google (8.8.8.8).
If your App Service is in a VNET you should enable some outbound rules to your webservers IP adress.
The server I am connecting to is an other Azure service. After some more investigating, It appears that I can connect to it if I do not use SSL (i.e. http://) but the connection is immediately closed when using SSL (https://). I assume that the problem must be related to the use of SSL.

accessing a service which is hosted on the intranet

Hi I am new to Dialogflow. I am trying to do the following
I am trying to create a simple bot application which would use a webhook to connect to an external service (hosted on my local webserver/ company server).
Based on the documentation Docs it seems that the service has to be publicly accessible. Can I do this?
Thank you
Yes, the webhook server must be at a publicly accessible HTTPS address.
If you are trying to use an internal server that is not available to the public Internet, you may wish to look into a tunneling service such as ngrok.

How to connect to an external service on a non-standard port from an Azure App Service?

I'm trying to access a third party service from Azure App Services (ideally Functions, but a Web App would do). However this service is hosted on a non-standard port, e.g. https://myservice.com:445
I'm using the System.Net.Http.HttpClient to make a POST request, but consistently get a SocketException:
An error occurred while sending the request. Unable to connect to the remote server An attempt was made to access a socket in a way forbidden by its access permissions 1.2.3.4:445
The code works on my local environment (Functions emulator or Kestrel), but fails on Azure. I tried using a service hosted on a regular https endpoint, e.g. https://myotherservice.com, and the call goes through normally.
I'm assuming there is some sort of outbound firewall rule that's preventing the fist call, but I haven't found any configuration option to disable this. Is it possible? I unfortunately cannot change the endpoint of the service I need to call.
After checking your application, I did indeed find that those outgoing requests were being blocked by the infrastructure.
I was also able to find public documentation covering those ports here:
https://github.com/projectkudu/kudu/wiki/Azure-Web-App-sandbox#restricted-outgoing-ports

Getting a BlueMix app through a firewall

I am currently working on a java back end server that I am deploying to bluemix. It is a standard web app, built out with maven and hits a mounted data base. Standard stuff.
The question becomes is that two of the end points that I am using are hitting services that exist on networks that have their own firewall.
Now if I deploy the application to a server that is punched through the firewalls, all is well. However on bluemix where I am not punched through these firewalls, I often get 401 errors.
Does anyone know of a way to pass these credentials when doing a post or get so that I can authenticate through the firewall, and then authenticate through the service?
Thank you all.
You can use one of the following Bluemix services to connect your application running on Bluemix to your on-premise application/database behind the firewall:
Secure Gateway
Cloud Integration
With Secure Gateway you can create a secure tunnel between Bluemix application and your on-premise application. The official documentation is available here, but there is also an excellent article in the link below to start with this service:
https://developer.ibm.com/bluemix/2015/03/27/bluemix-secure-gateway-yes-can-get/
Alternatively the Cloud Integration service documentation is available here.

Resources