I am using the extension "Trigger E-Mail" in Firebase. When I try to send an e-mail and I get the following error:
Error [ERR_TLS_CERT_ALTNAME_INVALID]: Hostname/IP does not match certificate's altnames
Does this mean the loaded certificate must contain my hostname to work? Sorry, I just have started studying certificates. If I am right then one solution would be to add my hostname into the certificate. As I am using a thirdparty mailprovider. UPDATE: The smtp server uses a shared certificate which doesnt include any other domain and it will never happen.
Similar posts using nodejs tell to set the following configuration:
{ rejectUnauthorized : false }
First I cannot set his configuration into the Extension, secondly I do not want to remove the security feature.
What do you recommend?
Related
I am attempting to use a certificate with JMeter and can see that it appears to be loaded fine from the logs.
INFO o.a.j.u.SSLManager: JmeterKeyStore Location: certificate.jks type jks
INFO o.a.j.u.SSLManager: KeyStore created OK
INFO o.a.j.u.SSLManager: Total of 1 aliases loaded OK from keystore
Yet, when I send the Http Request, the results from the server just keep stating 'Client Certificate Not Provided'.
Below are the parameters I've used on the command line.
-D javax.net.ssl.keyStoreType=jks
-D javax.net.ssl.keyStore=certificate.jks
-D javax.net.ssl.keyStorePassword=password123
All the examples I can find simply state that if I configure the Jmeter element 'KeyStore Configuration' with the alias, it should send the certificate with the requests. It does not seem to be doing so. For the record, I have also tried to use the p12 cert and set the type to pkcs12 with the same results.
What am I missing?
In fact given you have only one certificate you don't need the Keystore Configuration at all, just remove it from the test plan and your setup should start working normally
Most probably your Keystore Configuration is not correct, for instance the "variable name holding certificate alias" is not set or doesn't match the record in the keystore
Check its value using Debug Sampler and make sure that certificate with this alias exists in the keystore. You can see a working sample in How to Use Multiple Certificates When Load Testing Secure Websites article
I have recently moved a project over to another server. The domain name is the same, it has just been pointed to the new server. The URL is exactly the same. Since moving the project over however I get this error when the app tries to connect to googles OAuth api.
{
"name": "Error calling GET https:\/\/www.googleapis.com\/analytics\/v3\/management\/accounts\/~all\/webproperties\/~all\/profiles?key=AIzaSyBKUP8JriiOnFnbJm_QYt_bHTMuHf-ilAI: (403) There is a per-IP or per-Referer restriction configured on your API key and the request does not match these restrictions. Please use the Google Developers Console to update your API key configuration if request from this IP or referer should be allowed.",
"url": "\/analytics\/statistics.json"
}
The obvious reason (based on the error message) would be that I haven't added the new server IP into the list of allowed IP's in the devlopers console under APIs & auth->Credentials->Key for server applications.
I have added the IP. I've checked the domain has propagated by pinging it and the new IP comes up which has been entered in the console so i'm struggling to work out why it doesn't work.
Has anybody come across this before that may be able to help me solve it?
Go to Project -> APIs & Auth -> Credentials -> API Key -> Create New Key -> Browser Key. It may take upto 5 minutes to reflect changes.
And it worked for me.
After you added your new server IP you need to generate a new API key from the Console. This message shows up when access in not properly configured. Look here and scroll down to "accessNotConfigured".
So, go to your developer console, Project -> APIs & Auth -> Credentials -> Public API Access -> Create New Key -> Server Key. Use this new key and you should be good to go.
I've had this problem for a while as well but finally solved it:
I noticed when trying wget http://bot.whatismyipaddress.com/ from my server it would actually return an IPv6-address, when on the API key's config page I had entered the IPv4-Address of my server. Once I added the IPv6-Address, my requests where finally accepted.
Go to Project -> APIs & Auth -> Credentials -> Public API Access -> Create New Key -> Server Key >> Accept requests from these server IP addresses (Optional) section,
then remove all the IP Address and Update it first, then try it. And, later you can add the specific IP address which did weirdly work for me.
Here is the issue:
I have an email server with OpenDKIM and Postfix installed as here:
http://www.serveridol.com/2012/02/17/opendkim-configuring-dkim-keys-on-postfix/
My TXT DNS record is on the main domain (Server domain name)
Here: senderServer.com
It works great when I send an email from senderServer.com using my FROM address as: anything#senderServer.com
The problem is when I send an email using my FROM address as: anything#otherDomain.com
The DKIM signature is added but using otherDomain as the domain value tag:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
d=otherDomain.com; s=20131125; t=1385596727;
bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=;
h=Date:To:Subject:From;
b=ujfsdhfu9hf9sdfs9df9sfs9fhsd9hfsfnsvkjnsdlvljsv
so, the server that is receiving the messages is not finding the DNS record which is obviously clear since the d= tag value is otherDomain.com instead senderServer.com
I would like to find the way to retrieve the d= value from the server name instead retrieve it from the FROM header email address... or override it to be always d=senderServer.com
Domain *
KeyFile /etc/postfix/dkim.key
Selector mail
in /etc/opendkim.conf to use the same key for multiple domains ( documentation )
and added no_milters to /etc/postfix/master.cf
made this line:
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
look like:
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters
This prevented opendkim signing messages twice.
I'm using
Configure SMTP plugin for wordpress, when I used it in a local server (localhost) it works properly and send me the test email which confirms that it is working. But when I used it in a hosting site (I used Hostgator) it gives me an STMP error.
What is the possible cause of this error? and what is the possible solution?
Thank you.
Based on the second error, and the words "verification failed", and "sender verify" failed, my guess would be that you have not set up SMTP authentication correctly. You are relaying your mail through Hostgator, so they may have specific hostnames / ports that you need to authenticate correctly with to get your mail to flow. I'd suggest syncing with Hostgator on this.
Actors
-Asp.net site - Client
-Wcf services - Server
Both applications runs on IIS-7.
I want to make integration test between the two applications. The client access the Server through 'https'.
I have created a certificate and assigned it to the server. I also added the certificate to the 'Trusted Root Certification Authorities' to be considered a valid certificate. When I 'hit' the server's services through my browser (IE, chrome...) the certificate appears to be valid. But when my client application tries to access the server then I get the following error:
Could not establish trust relationship for the SSL/TLS secure channel with authority **** --->
The remote certificate is invalid according to the validation procedure.
Is there any way to skip the validation procedure or to make the certificate valid for my client application?
Just to know:
1. I cannot purchase a certificate because I will only use it for testing purposes.
2. I cannot make any changes on any of the application's code (server-client)
I finally managed to figured it out.
The problem was a previous (expired) certificate with the same name that was already added to the 'Trusted Root Certification Authorities'. Every time I was installing my new certificate through the 'Certificate Import Wizard' (or through MMC) the wizard informed me that it was successfully added. However, it was keeping the instance of the previous certificate without overwriting it.
Modify the validation callback to always return true:
ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, policyErrors) => true;
Or does that violate the 'no changes to code' condition?
How did you install the certificate into your trusted root store?
If you went through a browser to do it, most likely you only added it to the current user. Try adding it through the MMC snap-in for the Local Computer Account instead; this is where we install our self-signed IIS Express certificates and WCF seems happy with them.