Twitter card validator cannot validate my secured url - http

The Twitter card validator is able to validate http://my domain.com which doesn't link up with my files well because I've added "s" to the "http" in my base URL, but is unable to validate https://my domain.com. the https://my domain.com is my custom domain which has an SSL installed. I don't know why it's not been validated. Anytime I try it gives me errors: Fetching the page failed because of other errors and Unable to render Card preview.
Please any guide will be very much appreciated.

According to the Twitter troubleshooting post:
if you see a validator message about Fetching the page failed because
other errors or similar, check your SSL configuration. The certificate
and server name must match (or be aliased to match) due to Java
security constraints.
There's more detail on the Twitter forum. You'll need to use a site such as ssllabs.com/ssltest/ to check the quality of your setup.

Related

WooCommerce - Auto generating API keys using our Application Authentication Endpoint give 401 Invalid URL error

I'm attempting to use the REST API provided by WooCommerce to generate the Customer Secret and Customer Key values so that it could be used to invoke other WooCommerce REST APIs. I referred the documentation about generating the key values and managed to get it working using a mock endpoint in Postman used for the call_back URL in the API as mentioned in the document.
I created a POST service in my backend server and managed to setup a SSL certificate in the local environment with a domain mapped in hosts file in /etc directory. I ran the backend service and invoked the callback url through Postman and it worked. Then I used that as the call_back URL in the actual WooCommerce Auth endpoint to programatically generate the keys and save it in my DB. But I'm getting
"Access Denied" - Error: A valid URL was not provided..
When I checked the browser through devtools -> network noticed that there is a 401 Unauthorize error.
Here is the sample GET URL that is uesd for WooCommerce API key generation
http://localhost/woocommerce/wc-auth/v1/authorize?app_name=<SOME_NAME>&scope=read_write&user_id=36&return_url=http://localhost/woocommerce/&callback_url=https://foo.bar.dev:44329/api/services/app/woo_commerce_auth/6/callback
callback_url = https://foo.bar.dev:44329/api/services/app/woo_commerce_auth/6/callback
When the callback_url is a mock url generated using Postman it works fine
callback_url = https://513ca6ab-db16-4635-8d0b-9159e3b1e187.mock.pstmn.io/api/services/app/woo_commerce_auth/6/callback
Any clue why this happens, I could not find a way to troubleshoot this issue. Appreciate the help.
Hi posting this for future reference, and hope it would help others who face this problem as well.
Things to keep in mind when setting the callback_url,
Non HTTPS URL endpoint are not allowed.
URL should not be a localhost url (e.g localhost/callback would give an invalid URL error)
URL should not contain port number (e.g localhost:4320/callback or foo.bar.dev:4892/callback are invalid)
Callback URL should be a POST url
If an error such as Error: An error occurred in the request and at the time were unable to send the consumer data. is given after checking all the above check the backend service code related to the callback_url (I had a 500 server error which triggered this, it was not a WooCommerce issue)
Also a tool such as ngrok would be really helpful to setup an HTTPS endpoint in your local environment to test this.

Force HTTPS on alfresco

I have been trying to enable HTTPS login on alfresco but it seems to be a challenge to get it working.
I can access my website via HTTPS and get the login page, but when I login with the correct credentials I get the following error :
Something's wrong with this page...
We may have hit an error or something might have been removed or deleted, so check that the URL is correct.
Alternatively you might not have permission to view the page (it could be on a private site) or there could have been an internal error. Try checking with your IT team.
If you're trying to get to your home page and it's no longer available you should change it by clicking your name on the toolbar.
I must login in HTTP then refresh my HTTPS page to be connected in HTTPS.
I have already seen what the offical doc says and tested it but it didn't work.
Has anyone an idea on how to fix the problem ?
Thanks
The alfresco.log / catalina.out should tell your more.
Where / how did you set up https? Have a a reverse proxy like nginx or apache in front of the alfresco tomcat?
If the log says something like "CSRF Token Filter issue" then you need to set share.host / port / protocol in alfresco-global.properties as seen from the browser.

Error from Firebase Project URL: Adding www causes "Your connection is not private"

I have a firebase project that loads properly unless I type the url to my project with www. in front.
This works:
https://myproject.firebaseapp.com
This returns an error:
https://www.myproject.firebaseapp.com
Your connection is not private
Attackers might be trying to steal your information from
www.myproject.firebaseapp.com (for example, passwords, messages, or
credit cards). Learn more NET::ERR_CERT_COMMON_NAME_INVALID
Attempt to resolve
I followed the "Learn More" in the error above and it seems that
the error might be that firbase by default sets up
myproject.firebaseapp.com but not www.myproject.firebaseapp.com.
I then checked the firebase app in the hosting console (i.e. https://console.firebase.google.com/project/myProjectNameHere/hosting/main)
and it does show only the non-www version, but adding the www version here does not seem possible since I do not own the firebaseapp domain so I cannot add the provided TXT file at this point to the DNS records.
Does anyone know why this is occurring and how to get the project to load when www. is added to the url?
Thank you in advance!
This is not supported.
To give some technical detail, wildcard SSL certificates are only valid for a single level; so *.firebaseapp.com but not *.*.firebaseapp.com. In addition, this is (in my estimation) entirely unnecessary as it simply makes the URL longer.
What I would encourage you to do is purchase a domain name for use with your Firebase Hosting site, and connect it. Read "Connect a Custom Domain" in our docs for more info.

Microsoft application - Redirect URI allows 'localhost' but not '127.0.0.1'

I have developed an application that allows MSA (Microsoft Account) authentication. I have registered my app here: https://apps.dev.microsoft.com.
When testing my app locally, I can access my app with no problem at my SSL URL of https://localhost:44300, and MSA works fine. When I registered my app, I used https://localhost:44300/signin-microsoft as the Redirect URI.
Problem: I can also access my app at https://127.0.0.1:44300, as one would expect. However, MSA here doesn't work. The error page says, We're unable to complete your request.
Microsoft account is experiencing technical problems. Please try again later. And the URL of the error page reveals that the error is with a mismatch in the Redirect URI: https://login.live.com/err.srf?lc=1033#error=invalid_request&error_description=The+provided+value+for+the+input+parameter+'redirect_uri'+is+not+valid.+The+expected+value+is+'https://login.live.com/oauth20_desktop.srf'+or+a+URL+which+matches+the+redirect+URI+registered+for+this+client+application.
In the Microsoft Apps page, when I try to update the Redirect URI from https://localhost:44300/signin-microsoft to https://127.0.0.1:44300/signin-microsoft, it doesn't allow me to save my change and it shows me this error: Your URL can't contain a query string or invalid special characters, and it provides a 'Learn More' link: https://learn.microsoft.com/en-us/azure/active-directory/active-directory-v2-limitations#restrictions-on-redirect-uris
After reading the info in this link, I see nowhere that a URI like mine (https://127.0.0.1:44300/signin-microsoft) would be an unacceptable URL, as I'm not breaking any of their rules: I have no invalid characters, no query strings, etc.
My research: Looking online, people are getting the Your URL can't contain a query string or invalid special characters because they are actually using a query string or invalid special characters, such as in this link: https://social.msdn.microsoft.com/Forums/en-US/4f638860-ea57-4f0e-85e0-b28e1e357fe2/office-365-app-authorization-redirect-uri-issue?forum=WindowsAzureAD. I couldn't find a case where someone has entered a valid URI and they weren't allowed to save it.
Why I need 127.0.0.1 to work: I need to expose this website, which is running on my local box. In order to have the website running without having an instance of Visual Studio opened all the time, I'm using csrun to host my website in Azure local fabric (by the way, my app is an Azure Cloud Service, with a ASP.NET MVC 5 app as a web role). I followed this instruction for csrun: http://www.bardev.com/2013/03/12/how-to-deploy-application-to-windows-azure-compute-emulator-with-csrun/. Using csrun, it allowed me to host my website in https://127.0.0.1:444 (but, as with https://127.0.0.1:44300, MSA doesn't work). My end goal is to expose this website with a public URL using ngrok (https://www.sitepoint.com/use-ngrok-test-local-site/), so that anyone can access my site.
Therefore, my main question is: how can I have the Redirect URI be https://127.0.0.1:44300/signin-microsoft instead of https://localhost:44300/signin-microsoft?
Make sure you access this portal through https://identity.microsoft.com as this is the only way the steps below will work.
You can get around this error right now by adding the reply URL through the manifest. Login to the portal, select the app you want to configure, and scroll down and hit the Edit Application Manifest button. Then you can add your https://127.0.0.1:44300/ to the replyUrls field.
There's some funny behavior that will only allow this right now if you only register other localhost reply Urls. If this is the only reply URL you need then it shouldn't be a problem.

SSL error on woocommerce callback in wc auth

I am using the wc-auth login of woocommerce.
the one like this https://woocommerce.wordpress.com/2015/08/07/api-settings-and-the-api-authentication-endpoint-in-2-4/
now both sites have SSL installed properly I checked them on online sslcheckers.
But on the wc-auth way of logging in, I get this error:
Error: SSL: no alternative certificate subject name matches target host name 'www.my-domain.com'
I have checked the alternative name and it has *.mydomain.com in it.
Hence i am unable to understand what is the issue?
if both site SSL checkout then you should not be having any issues. For troubleshooting purposes try using a callback_url without the www subdomain.

Resources