Recently we were faced with a critical problem whereby our company website (E-Commerce platform) was not accessible. It threw a 301/302 error. This platform is used for subscribers to purchase reloads, subscribe to new plans and so forth.
When we ran a curl command to troubleshoot further, this was the error we found :
We compared the output with another staging platform, which did not have this connectivity problem. Thus we compared the configurations in the test server with the production server, and found that the openssl for both the production and staging were same :
Production :
Staging :
The management confirmed that the certificates in the production had not expired. And to prove this, we copied the certificates from the production to the staging, and the staging server was still able to access the site.
We finally checked the Load Balancer (All the E-Comm servers are connected to the LB), and we found that the communication between the production server and the website used ssl v2, whereas the staging used TLSv1.2.
And because of this, the head of department guessed that the team that was responsible with managing the website we were trying to access had blocked the ability to use the old ssl version. We called the team to confirm, and true enough this was the reason of the problem.
However, I am still unclear of why the ssl version for both the servers vary. According to my team lead, only the Load Balancer is configured to use the SSL.
Not the servers. So my question is how did the LB get the information of the different SSL versions for both the servers?
Here is a useful SSL (HTTPS) application for anyone with a remote Linux server they want to keep an eye on using Blynk and the NodeMCU ESP8266. This little app also works (have tested as well) on the WeMos D1 ESP8266 Arduino board.
The NodeMCU setup could not be easier, just find a... (8 Replies)
Issue observed: I have configured ng.my-site.com using widlcard ssl cert. When I hit https://www.my-site.com it loads ng.my-site.com website!
please advise if I missed any concept / configs... Thank you!
httpd.conf
<VirtualHost *:80>
ServerName www.my-site.com
ServerAdmin... (0 Replies)
A client is accessing our JBoss server. In the past, we set up a keystore and everything worked fine.
That certificat expired and we've installed the new one. Now the client is getting the following error -
HTTP/1.1 500 Internal Server Error
Date: Mon, 14 Apr 2014 13:25:44 GMT
Server:... (1 Reply)
Hi everyone,
I am working on a Nginx + Apache installation for learning purposes, and just got to the point of installing a self-signed certificate for securing some pages that will be used to send "sensitive" information such as login credentials. So far so good.
What a I want to know is how can... (2 Replies)
Hello,
I tried searching through lot of threads for a solution but couldn't fetch the exact solution, so I am creating a new thread.
I am trying to connect to a FTP server
1) using a simple FTP command, it gives the error :
534 Policy requires SSL.
Login failed.
2) using SFTP... (19 Replies)
Does anyone know where Apache's use of SSL_VERSION_LIBRARY is defined and pulled from, in regard to headers? So far, I've tracked it down to mod_ssl. Which is fine, however, when I recompile mod_ssl with a new version of OpenSSL, and install the module, the request headers still report the old... (0 Replies)
I have interesting problem.
https:/host/some/x.cgi
- this script has run twice when I call this url
But
http:/host/some/x.cgi
work fine, only once.
Output is text/plain.
If I change output format to the Content-type text/html,
then both urls works fine - executed only once. (2 Replies)
I have installed solaris10 x86 on HP DL380 G5 Server, but network card is not getting detected.
i have installed the network driver, downloaded from the following link
HP ProLiant DL380 G5 Server series- Download drivers and software - HP Business Support Center
Can any one suggest me how to... (1 Reply)
i have configured Squid proxy server in Fedora 8 with two network interfaces.
HTTP, HTTPS, FTP are working fine but we are unable to download mails using mail clients from mail server with POP3(ssl) and SMTP(ssl).
so please someone help us how to enable pop and smtp in Squid. (1 Reply)
I've upgraded Iplannet 4.1 to Sun ONE Web Server 6.1. However. Now i can't seem to connect on port 4443 which was originally being used in 4.1 to deal with transactions....when i try to run a query on this port (4443) i get the following error:
Access to the server was denied
I suspect i... (1 Reply)