I am currently trying to connect to my elastic search cluster using the php elasticsearch client
I am having trouble using an https endpoint for this. I have my cluster behind a load balancer with a VIP in front, it is using Apache authentication and is on port 443. The trouble I am running into is that the config for the client seems to be parsing the hosts and removes https:// from the host name. this results in the client always trying to connect over port 80. I have tried adding :443 to the host name but I am then getting a curl error "empty reply from server". I know that this server has access (no firewall blocking) because i can manually make the curl call using https://myelasticsearch.com.
My question is, is there a way to specify the protocol to make the request over using this client? if not, where in the source is the parsing of the host array happening?
I have found a temporary solution, in src/Elasticsearch/Connections/AbstractConnection.php there is a defined transportSchema variable that is set to http. I changed this to https and also added the :443 to my host in the config and it works!
Just as an update to this question (in case anyone stumbles into it), this bug was fixed in Elasticsearch-PHP v1.1.0. You can specify https in the host now to use SSL:
$params = array();
$params['hosts'] = array (
'https://localhost', // SSL to localhost
'https://192.168.1.3:9200' // SSL to IP + Port
);
$client = new Elasticsearch\Client($params);
Related
I have downloaded a SSL certificate that I have recieved from app.zerossl.com and placed it in the same directory as my main node script; and have used this code to install it.
var fs = require('fs');
let options = {
cert: fs.readFileSync(__dirname + '/certificate.crt'),
ca: fs.readFileSync(__dirname + '/ca_bundle.crt'),
key: fs.readFileSync(__dirname + '/private.key')
};
My configuration for running the server is the following:
var express = require('express');
var app = express();
var server = require('https').createServer(options, app);
var io = require('socket.io')(server);
Now i'm running MYSQL and PHP on XAMPP with the port set to 1337. In my modem i've set the DMZ to my Computer/Servers' internal IP Address. When I try to access my domain over the internet it comes up with an error. (didn't send any data, ERR_EMPTY_RESPONSE) assumingly from my Node JS server.
Now when I go on the https version of my website using the address bar, it comes up with a warning then redirects to my XAMPP server. The port is not set on the address bar, so i'm not sure why it's redirecting to the XAMPP server.
I'm wondering why isn't my SSL working and why is it redirecting to my XAMPP server instead of using the NodeJS server when I place in https?
Since you are running two servers and one public entry point, then you will need to use something like nginx to be able to access both from your external IP.
XAMPP is probably taking priority over the express server which is why is going there.
NOTE: If you are dealing with HTTPS, make sure to add router rule to utilize port 443.
Here are some docs on how to host two servers in one. In this case, it's two websites but you can change it to make it works for one website and one backend server since this is specifically for routing to different ports.
NOTE: You can skip server_name and just add the port forward in each configuration. This way you can have one port forward to 1337 for your xampp, and another port for your express server.
https://webdock.io/en/docs/how-guides/how-configure-nginx-to-serve-multiple-websites-single-vps#:~:text=If%20you%20are%20using%20a,to%20host%20all%20your%20domains.
I have made a chat with SocketIO who is working well on local, but i'm trying to deploy it on my Apache server.
I'm using Php + NodeJs, not only Node
I had ERR_CONNECTION_REFUSED error but solved it by opening the good port, Listen 8000 in my ports.conf
My server.js look like this
var io = require('socket.io').listen(8000);
// Socket IO usage
My client.js is
var socket = io.connect('http://[MY SERVER IP]:8000');
// Other client code
I use localhost in local but I changed by my server ip.
But I still have this error
XMLHttpRequest cannot load http://[MY_SERVER_IP]:8000/socket.io/?EIO=3&transport=polling&t=1455101301883-60. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'MY DOMAIN' is therefore not allowed access. The response had HTTP status code 404.
I really don't know what to do, this is the first I try to deploy a Nodejs + php app.
I had read some Stackoverflow questions to try to fix it, but i really don't know how...
I don't knwo if this is due to my Apache conf or I must change some NodeJS or SocketIO conf
Thanks for your help.
I found the problem.
Do not open the NodeJS server port on Apache config. It will make some conflicts and will prevent your Node server to work.
Just change the localhost by your server IP and it will work fine.
I am working on Application with nodejs and PHP along with Mysql
PHP is frontend here, nodejs is backend
Now
I created a form and while creating a form
i am sending ajax request to Nodejs
like
url: http://example.com:8124/sign_in
Which is working fine
Now Problem is that
When i enabled ssl on Apache.
now i am unable to send request to Node .
it is giving me error, like
Cross-origin policy , load unsafe content
How to resolve this issue
Thanks
That's not a problem with PHP, rather with JavaScript (AJAX). It's because you're trying to load contents from a server that doesn't use SSL from a web page served via SSL.
Simply enable SSL also on the Node app and it will work.
Edit
I do not recommend creating a proxy server in Node.js.
It's actually a good idea to create a proxy server in front of every Node.js app. Indeed, for safety reasons most websites built with Node.js have a Nginx reverse-proxy in front. That is: users connect to Nginx (chosen over Apache for the much better performances) and Nginx makes a request to the Node.js app.
With this setup, you would actually not need to enable SSL in Node.js, as long as Nginx has SSL enabled.
To use SSL directly in Node.js, you need to add just a couple of lines to your app.js file. See this SO question: How do I setup a SSL certs for an express.js server?
If the servers are on the same hostname (just a different port), then you won't need another SSL certificate; if the servers are on a different hostname (e.g. a subdomain) and your SSL certificate isn't a wildcard one, then you will need another certificate.
Speaking about the port... It's true that HTTPS by default runs on 443, but you're free to change it as you want. Just remember to specify it, for example: https://example.com:8443/
A simple way to enable ssl on node is to use a proxy in front of your application:
var fs = require('fs');
var httpProxy = require('http-proxy');
var privateKey = fs.readFileSync('key.pem').toString();
var certificate = fs.readFileSync('cert.pem').toString();
var chainCertificate = fs.readFileSync('ca.pem').toString();
httpProxy.createServer({
target: {
host: 'localhost',
port: ...your application port...
},
ssl: {
key: privateKey,
cert: certificate,
ca: chainCertificate
}
}).listen(...the port for ssl...);
I am using WampServer (Windows) and PHP pgsql, and apparently something wasn't compiled with SSL support, because I get this error:
Unable to connect to PostgreSQL server: sslmode value "require" invalid when SSL support is not compiled
This got me thinking... I wonder if I can ask pg_connect() to look for 127.0.0.1 on port 12345 (or something like that) using HTTP, and then some middle service could be run on my local system that would pass that on to the server using SSL.
Does anyone know how to do that?
NOTE
I'm trying to connect to the Heroku PostgreSQL server (which uses an Amazon Web Service URL) and requires an SSL connection. I had better luck Googling "amazonws.com postgresql stunnel" for relevant bulletin board messages.
UPDATE
Here is the stunnel.conf file that I used:
;See: https://medium.com/what-i-learned-building/580fdd492119
cert = stunnel.pem
options = NO_SSLv2
options = SINGLE_ECDH_USE
options = SINGLE_DH_USE
socket = r:TCP_NODELAY=1
options = NO_SSLv3
ciphers = HIGH:!ADH:!AECDH:!LOW:!EXP:!MD5:!3DES:!SRP:!PSK:#STRENGTH
[heroku-postgres]
client=yes
accept = 127.0.0.1:YOUR-CHOSEN-PORT
connect = THE-HOST-GOES-HERE:PORT
protocol=pgsql
retry = yes
Reference: https://medium.com/what-i-learned-building/580fdd492119
postgresql does neither use http nor https for its connection, but has its own protocol. But you could use something like stunnel to tunnel a normal tcp connection inside ssl, e.g. if your local pg_client library is not ssl-aware you could create an stunnel on localhost which then forwards the data via ssl to the remote postgresql server.
i've been trying to set up a secure communication using client side certificate between my client application and my server application.
I've set up a the configuration in my apache web server and both in my browser just to make sure that it works and it does.
i'm using zend framework 1.12, and according to the documentation on Zend website
the following example should work:
$config = array( 'sslcert' => 'path/to/ca.crt', 'sslpassphrase' => 'p4ssw0rd');
$adapter = new Zend_Http_Adapter_Socket();
$adapter->setConfig($config);
$http_client = new Zend_Http_Client();
$http_client->setAdapter($adapter);
$http_client->setUri('https://somewhere.overtherainbow.com:1337/bluebird');
$http_client->request();
but everytime i just get the same exception
Unable to Connect to ssl://somewhere.overtherainbow.com:1337
There is no doubt that i'm using the right certificate and passphrase and there is access to the remote machine
so where could be the downfall ?
Sounds like a simple firewall issue - login to the server and stop iptables and then see if it connects. Or add an exception to the clients IP to access mysql. Also check :1337 is open