Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
We're trying to connect to a server but it's having the below error:
Sep 26 11:00:38 server name[8660]: conn=******** fd=*** closed (TLS negotiation failure)
I would like to know if the TLS version of my Unix server is compatible with the server we're connecting to.
Unix server is a Weblogic server.
Maybe using Qualys ssl server test would help to find out what goes on.
Actual TLS versions are 1.2 and brand new 1.3 - older versions should no longer be in use. So verify what is the version of your ssl library and which tls versions they support. Please also note that not only the version could be a problem, but also the configuration of the supported CipherSuite's.
Also a missing firewall configuration could be the reason - for the case that you use a firewall on the server.
Also the servers ssl port could be configured differently - normally its port 443 - but tomcat uses 8443 by default.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 3 years ago.
Improve this question
I am trying to find website with url https://example.com:8888 in iis, but iis bindings looks like this, this iis is on a vm instance hosted on azure,
when I do netstat I get this (copied picture from internet but I am getting exact same response for 8888),
Problem:
Wildcard certificate expired on "*.example.com" we renewed it on website in iis, it shows certificate valid for 443(https) and 80(http) but it shows certificate as expired for port 8888. I am unable to find binding for this website with port 8888 so that IT team could update it's certificate.
We stopped IIS server and website on 443 and 80 stoped serving however on port 8888 it kept showing certificate expired and didn't go down. However when we shutdown the server instance, it went down as well.
How to find this website so that we could update it's certificate ? thanks
You could check whether 8888 is listened by (PID 4)IIS by using command line:
netstat -ano
If the command line show that IIS is listening to 8888, then you could use this to find the binding& site with port 8888
appcmd list site
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I have a good experience with Unicorn configuration with conjunction of Nginx, it works really well after optimizations and tuning procedures. But now I have got a question what is the best way to spread the load across multiple machines with Unicorns.
The question is you have 3 machines (Nginx load balancer, 2 APP servers with Unicorns), how do you manage load balancing of Unicorns with serving static assets.
Do you now any drawbacks with connection to Unicorn over TCP (timeouts, connection lost), is there any other way to upstream socket connection over the network (maybe port forwarding over SSH)? Unicorn designed to be stateless, but how do you manage the edge cases?
I don't want to serve static from balancer node, so would it be ok to setup Nginx on each of APP server and setup dumb Nginx balancer in front of them?
P.S. My current configuration is well-tested and can be found on Github, but the setup with Nginx+Unicorn on the same machine that already became a bottleneck.
UPDATE: Development is rigidly depends on the specific server configuration. Bottlenecks are going to happen not just because of developer's decisions, but also with the environment where he run it. Stackoverlow is full with highly marked Q&A related to the hard-to-know details about specific configuration. Alex who answered below works with Github I'm really appreciate to have a reply by such qualified person!
Don't access the Unicorns over TCP/network.
Your setup seems just fine, you can simply add a load-balancer in front of the APP servers, but I would suggest Keepalived (LVS ftw) as load-balancer instead of Nginx.
You can have them balance connections to the APP servers running Nginx+Unicorns over sockets.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I have server, bought from Linode. I decided to setup a mail server on it. I have about 20 domains will be pointing it.
I have a couple of questions;
This is the combination i will use; postfix + dovecot + squirrelmail. Are there better alternatives? I am completely open for recommadations because this is the first time i will setup a mail server.
Is it possible to use multiple domains with one mail server?
If it is possible to work with multiple domains, is it require a complicated and painful configuration?
Note: I can't use Google Apps because 40 EUR for per mail address is very expensive when you have a hundred mail address.
You have to have at least a basic understanding of how DNS works. It can be kind of a pain, but if you use one of the postfix plugins for management, should be fine. But yes, multi-domains on the same server is fine, it just has to know that it is representing those host hame records, and your DNS for your domains needs to be configured to have the MX records point at your server's IP.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
My goal is to implement SPDY protocol (a new experimental protocol by GOOGLE) on IIS servers.
SPDY is a TCP based application level protocol and as such I am guessing that I have to
work at TCP level (socket programing) as the built in extensions are for HTTP.
My problem is that once I write a socket programing code to do the same, where do I plug it into IIS7? WAS looks like a good candidate and if so, how do I go about doing it?
IIS has little or nothing to do with SPDY. IIS is just an application server that responds to HTTP requests handed off by the http.sys kernel mode driver. All HTTP requests in Windows are handled by this driver.
This is the level at which SPDY would be need to be implemented.
If you were to implement SPDY you'd need to have this as a shim driver between the TCP stack and http.sys, or maybe even write your own http.sys driver.
Alternatively you could write your own SPDY/HTTP stack but if you wanted to use this with IIS then you're in for a lot of work.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I have Postfix 2.3 on Centos 5.5 server.
I followed this how to http://wiki.centos.org/HowTos/postfix_sasl to configure Postfix to accept only TLS connections and reject plain authentication.
It seems that it working but only from the local machine (Postfix server itself) If I try to 'telnet' mail server from outside of the LAN connection immediately closes after it established.
telnet mail.some-server.com 25
Trying aaa.bbb.ccc.ddd...
Connected to mail.some-server.com (aaa.bbb.ccc.ddd).
Escape character is '^]'.
Connection closed by foreign host.
I have spent full day on reading Postfix manual and tried set permissive mode but not got even closer to the solution.
Please help.
My problem was in Postfix configuration of inet_interfaces that was restricting Postfix to listen on localhost only.
Solution: edit inet_interfaces in the file /etc/postfix/main.cf
# Listen to all interfaces rather than strict to localhost
inet_interfaces = all
Reload Postfix configuration:
postfix reload
Use 'postfix check'
Use 'tailf /var/log/mail.warn', or replace 'tailf' with 'tail -n 100' just to see the last 100 rows of the log.
The point is, something in the settings is wrong, and therefor the server can't handle the request properly. remember to reload postfix.