Develop Reference

Connecting to Snowflake using Okta from R Workbench

Hi, I am trying to connect to snowflake from R Workbench. This is the error received while connecting with okta.
con <- dbConnect(jdbcDriver, "jdbc:snowflake://company.snowflakecomputing.com/?authenticator=https://company.okta.com/", 'name#company.com', 'pass')
Sep 16, 2021 10:07:42 PM net.snowflake.client.core.SessionUtil handleFederatedFlowError
SEVERE: IOException when authenticating with https://company.okta.com/
java.net.MalformedURLException: no protocol: /login/cert
at java.net.URL.(URL.java:611)
at java.net.URL.(URL.java:508)
at java.net.URL.(URL.java:457)
at net.snowflake.client.core.SessionUtil.isPrefixEqual(SessionUtil.java:1218)
at net.snowflake.client.core.SessionUtil.federatedFlowStep4(SessionUtil.java:999)
at net.snowflake.client.core.SessionUtil.getSamlResponseUsingOkta(SessionUtil.java:1206)
at net.snowflake.client.core.SessionUtil.newSession(SessionUtil.java:378)
at net.snowflake.client.core.SessionUtil.openSession(SessionUtil.java:284)
at net.snowflake.client.core.SFSession.open(SFSession.java:446)
at net.snowflake.client.jdbc.DefaultSFConnectionHandler.initialize(DefaultSFConnectionHandler.java:104)
at net.snowflake.client.jdbc.DefaultSFConnectionHandler.initializeConnection(DefaultSFConnectionHandler.java:79)
at net.snowflake.client.jdbc.SnowflakeConnectionV1.initConnectionWithImpl(SnowflakeConnectionV1.java:116)
at net.snowflake.client.jdbc.SnowflakeConnectionV1.(SnowflakeConnectionV1.java:96)
at net.snowflake.client.jdbc.SnowflakeDriver.connect(SnowflakeDriver.java:164)
at java.sql.DriverManager.getConnection(DriverManager.java:664)
at java.sql.DriverManager.getConnection(DriverManager.java:247)
Sep 16, 2021 10:07:43 PM net.snowflake.client.core.SessionUtil handleFederatedFlowError
SEVERE: IOException when authenticating with https://company.okta.com/
java.net.MalformedURLException: no protocol: /login/cert
at java.net.URL.(URL.java:611)
at java.net.URL.(URL.java:508)
at java.net.URL.(URL.java:457)
at net.snowflake.client.core.SessionUtil.isPrefixEqual(SessionUtil.java:1218)
at net.snowflake.client.core.SessionUtil.federatedFlowStep4(SessionUtil.java:999)
at net.snowflake.client.core.SessionUtil.getSamlResponseUsingOkta(SessionUtil.java:1206)
at net.snowflake.client.core.SessionUtil.newSession(SessionUtil.java:378)
at net.snowflake.client.core.SessionUtil.openSession(SessionUtil.java:284)
at net.snowflake.client.core.SFSession.open(SFSession.java:446)
at net.snowflake.client.jdbc.DefaultSFConnectionHandler.initialize(DefaultSFConnectionHandler.java:104)
at net.snowflake.client.jdbc.DefaultSFConnectionHandler.initializeConnection(DefaultSFConnectionHandler.java:79)
at net.snowflake.client.jdbc.SnowflakeConnectionV1.initConnectionWithImpl(SnowflakeConnectionV1.java:116)
at net.snowflake.client.jdbc.SnowflakeConnectionV1.(SnowflakeConnectionV1.java:96)
at net.snowflake.client.jdbc.SnowflakeDriver.connect(SnowflakeDriver.java:164)
Error in .jcall(drv#jdrv, "Ljava/sql/Connection;", "connect", as.character(url)[1], :
net.snowflake.client.jdbc.SnowflakeSQLException: JDBC driver encountered communication error. Message: Exception encountered when opening connection: no protocol: /login/cert.

I presume that Okta is set up with MFA. If so, the error is because of that since Snowflake drivers does not support Native authentication for Okta with MFA enabled.
You need to use externalbrowser as the authenticator option if the requirement is to use Okta + MFA.

ERROR - DataEndpointConnectionWorker Error while trying to connect to the endpoint. Cannot borrow client for ssl://localhost:7712

There was two similar question in stackoverflow but cloud't help me to solve the probelm.
I want to use loadbalancing for two nodes of wso2 api manager 3.2.0 using Nginx. I configured api manager as following :
could you please guide me?
[transport.https.properties]
proxyPort = 443
[server]
hostname = "api.am.wso2.com"
node_ip = "127.0.0.1"
#offset=0
mode = "single" #single or ha
[super_admin]
username = "admin"
password = "admin"
create_admin_account = true
[user_store]
type = "database_unique_id"
[apim.throttling]
event_duplicate_url = ["tcp://172.24.64.115:5673"]
[[apim.throttling.url_group]]
traffic_manager_urls = ["tcp://172.24.64.114:9611"]
traffic_manager_auth_urls = ["ssl://172.24.64.114:9711"]
type = "loadbalance"
[[apim.throttling.url_group]]
traffic_manager_urls = ["tcp://172.24.64.115:9612"]
traffic_manager_auth_urls = ["ssl://172.24.64.115:9712"]
type = "loadbalance"
[apim.analytics]
enable = true
store_api_url = "https://localhost:7444"
#username = "$ref{super_admin.username}"
#password = "$ref{super_admin.password}"
event_publisher_type = "default"
event_publisher_impl = "org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher"
publish_response_size = true
[[apim.analytics.url_group]]
analytics_url =["tcp://172.25.129.69:7611","tcp://172.25.129.70:7611"]
analytics_auth_url =["ssl://172.25.129.69:7711","ssl://172.25.129.70:7711"]
type = "loadbalance"
#[[apim.analytics.url_group]]
#analytics_url =["tcp://analytics1:7612","tcp://analytics2:7612"]
#analytics_auth_url =["ssl://analytics1:7712","ssl://analytics2:7712"]
#type = "failover"
.
While ruuning wso2server.sh faced following exception :
StandardEngine[Catalina].StandardHost[localhost].StandardContext[/keymanager-operations].File[/opt/v1/wso2am-3.2.0/repository/deployment/server/webapps/keymanager-operations.war]
[2021-07-28 16:29:32,729] WARN - DataEndpointGroup No receiver is reachable at reconnection, will try to reconnect every 30 sec
[2021-07-28 16:29:32,732] ERROR - DataEndpointConnectionWorker Error while trying to connect to the endpoint. Cannot borrow client for ssl://localhost:7712
org.wso2.carbon.databridge.agent.exception.DataEndpointAuthenticationException: Cannot borrow client for ssl://localhost:7712
at org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.connect(DataEndpointConnectionWorker.java:147) ~[org.wso2.carbon.databridge.agent_5.2.26.jar:?]
at org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.run(DataEndpointConnectionWorker.java:59) [org.wso2.carbon.databridge.agent_5.2.26.jar:?]
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [?:1.8.0_291]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) [?:1.8.0_291]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_291]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_291]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_291]
Caused by: org.wso2.carbon.databridge.agent.exception.DataEndpointSecurityException: Error while trying to connect to ssl://localhost:7712
at org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftSecureClientPoolFactory.createClient(ThriftSecureClientPoolFactory.java:81) ~[org.wso2.carbon.databridge.agent_5.2.26.jar:?]
at org.wso2.carbon.databridge.agent.client.AbstractClientPoolFactory.makeObject(AbstractClientPoolFactory.java:39) ~[org.wso2.carbon.databridge.agent_5.2.26.jar:?]
at org.apache.commons.pool.impl.GenericKeyedObjectPool.borrowObject(GenericKeyedObjectPool.java:1212) ~[commons-pool_1.5.6.wso2v1.jar:?]
at org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.connect(DataEndpointConnectionWorker.java:137) ~[org.wso2.carbon.databridge.agent_5.2.26.jar:?]
... 6 more
Caused by: org.apache.thrift.transport.TTransportException: Could not connect to localhost on port 7712
at org.apache.thrift.transport.TSSLTransportFactory.createClient(TSSLTransportFactory.java:273) ~[libthrift_0.12.0.wso2v1.jar:?]
at org.apache.thrift.transport.TSSLTransportFactory.getClientSocket(TSSLTransportFactory.java:173) ~[libthrift_0.12.0.wso2v1.jar:?]
at org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftSecureClientPoolFactory.createClient(ThriftSecureClientPoolFactory.java:64) ~[org.wso2.carbon.databridge.agent_5.2.26.jar:?]
at org.wso2.carbon.databridge.agent.client.AbstractClientPoolFactory.makeObject(AbstractClientPoolFactory.java:39) ~[org.wso2.carbon.databridge.agent_5.2.26.jar:?]
at org.apache.commons.pool.impl.GenericKeyedObjectPool.borrowObject(GenericKeyedObjectPool.java:1212) ~[commons-pool_1.5.6.wso2v1.jar:?]
at org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.connect(DataEndpointConnectionWorker.java:137) ~[org.wso2.carbon.databridge.agent_5.2.26.jar:?]
... 6 more
Caused by: java.net.ConnectException: Connection refused (Connection refused)
at java.net.PlainSocketImpl.socketConnect(Native Method) ~[?:1.8.0_291]
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:476) ~[?:1.8.0_291]
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:218) ~[?:1.8.0_291]
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:200) ~[?:1.8.0_291]
Server (69) & Server(70) as following:
# Carbon Configuration Parameters
wso2.carbon:
type: wso2-apim-analytics
# value to uniquely identify a server
id: wso2-am-analytics
# server name
name: WSO2 API Manager Analytics Server
# ports used by this server
ports:
# port offset
offset: 1
wso2.transport.http:
transportProperties:
-
name: "server.bootstrap.socket.timeout"
value: 60
-
name: "client.bootstrap.socket.timeout"
value: 60
-
name: "latency.metrics.enabled"
value: true
-
# Data receiver configuration
dataReceiver:
# Data receiver type
# THIS IS A MANDATORY FIELD
type: Thrift
# Data receiver properties
properties:
tcpPort: '7611'
sslPort: '7711'
-
# Data receiver configuration
dataReceiver:
# Data receiver type
# THIS IS A MANDATORY FIELD
type: Binary
# Data receiver properties
properties:
tcpPort: '9611'
sslPort: '9711'
tcpReceiverThreadPoolSize: '100'
sslReceiverThreadPoolSize: '100'
hostName: 0.0.0.0
Clould you please help me ?

If you have configured the Analytics node with an offset than the default, it is required to configure both analytics_url and analytics_auth_url under apim.analytics.url_group configuration pointing to the correct Hostname and Ports of the Analytics server.
To fail to do so, we can observe the above-mentioned Connection Refused error in the API Manager side, as it was trying to communicate with the Analytics and there aren't any ports opened to listen to the communication channel. Therefore, please make sure that you have configured the analytics_url and analytics_auth_url pointing to the Analytics node in both of your API Manager nodes. You can refer to the following docs for instructions.

QWebSocket doesn't connect over TLS

I have a WebSocket which works good over WebSocket protocol, but I can not switch to WebSocketSecure protocol, It doesn't generate any errors on server side, client says error:141970DF:SSL routines:tls_construct_cke_psk_preamble:psk identity not found. The certificate was generated by certbot and is used of for https web site on same domain.
Server code:
QSslConfiguration conf = server.sslConfiguration();
QFile * privkey =
new QFile{"/etc/letsencrypt/live/example.com/privkey.pem"};
privkey->open(QFile::ReadOnly);
conf.setCaCertificates(QSslCertificate::fromPath(
"/etc/letsencrypt/live/example.com/fullchain.pem"));
conf.setPrivateKey(QSslKey(privkey));
conf.setProtocol(QSsl::TlsV1_0);
server.setSslConfiguration(conf);
if (server.listen(QHostAddress::Any, 54045)) {
connect(
&server, &QWebSocketServer::newConnection, this,
&Server::onNewConnection);
connect(&server, &QWebSocketServer::closed, this, &Server::closed);
qDebug() << "server started";
}
The client code:
import QtQuick 2.13
import QtWebSockets 1.13
WebSocket {
active: true
url: "wss://example.com:54045"
}
Output of openSSL:
$ openssl s_client -connect example.com:54045
CONNECTED(00000003)
140623606740288:error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading:ssl/record/rec_layer_s3.c:302:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 325 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

Opendkim marking incomming messages as dkim=fail

I am configuring opendkim+postfix. It is working OK and sent messages are correctly signed but the incomming messages are all marked as dkim=fail reason="signature verification failed"
How con I debug this problem?
Return-Path: <sender#gmail.com>
Delivered-To: recipient#mydomain.com
Received: from localhost (mailserver [127.0.0.1])
by mydomain.com (Postfix) with SMTP id 4DDF93F966
for <recipient#mydomain.com>; Tue, 24 Oct 2017 13:56:43 +0200 (CEST)
DKIM-Filter: OpenDKIM Filter v2.11.0 mydomain.com 4DDF93F966
Authentication-Results: mydomain.com;
dkim=fail reason="signature verification failed" (2048-bit key) header.d=gmail.com header.i=#gmail.com header.b="jmdDmXQb"
Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.85.215.43; helo=mail-lf0-f43.google.com; envelope-from=sender#gmail.com; receiver=recipient#mydomain.com
DMARC-Filter: OpenDMARC Filter v1.3.2 mydomain.com 2DBE03F963
Authentication-Results: mail.mydomain.com; dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: mail.mydomain.com; spf=pass smtp.mailfrom=sender#gmail.com
The syslog reports this which looks OK
Oct 24 14:08:39 mailz opendkim[3325]: 4A29F3F938: [209.85.215.45] [209.85.215.45] not internal
Oct 24 14:08:39 mailz opendkim[3325]: 4A29F3F938: not authenticated
Oct 24 14:08:39 mailz opendkim[3325]: 4A29F3F938: DKIM verification successful
But later it adds:
Oct 24 14:08:43 mailzener postfix/cleanup[3194]: 6CC243F95E: message-id=<CAMXuvOM+jKLkE=0FrQ+cSqFesmPQujpHoVsfH9G_URg9uYtm1g#mail.gmail.com>
Oct 24 14:08:43 mailzener opendkim[3325]: 6CC243F95E: no signing table match for 'sender#gmail.com'
Oct 24 14:08:43 mailzener opendkim[3325]: 6CC243F95E: bad signature data
My opendkim configuration file is this:
AutoRestart Yes
AutoRestartRate 10/1h
LogWhy Yes
Syslog Yes
SyslogSuccess Yes
Mode sv
Canonicalization relaxed/simple
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
#InternalHosts refile:/etc/opendkim/TrustedHosts
KeyTable refile:/etc/opendkim/KeyTable
SigningTable refile:/etc/opendkim/SigningTable
SignatureAlgorithm rsa-sha256
Socket inet:8891#localhost
PidFile /var/run/opendkim/opendkim.pid
UMask 022
UserID opendkim:opendkim
TemporaryDirectory /var/tmp
OversignHeaders From
LogWhy Yes
X-Header yes
MilterDebug 9
ResolverTracing Yes

As you can see from the Queue ID 4A29F3F938 vs 6CC243F95E, these are two different mails.
4A29F3F938 is incoming and is verifying OK. 6CC243F95E is outgoing, and I guess opendkim tries to sign the mail. You need to elaborate on your processing of the mail in the lines inbetween :)

How to send email via smtp server from iis 7 & php 7.1, not working with phpmailer

Using IIS 7 and PHP7.1
We i managed to connect my server to our SMTP server (on a different IP Address)
I did this by quiet simply editing my php.ini file
SMTP = mail.<Domain>.co.uk
smtp_port = 25
sendmail_from = mail#<Domain>.co.uk
And by calling a php script, an email was sent
<?php
$msg = "Hello Do I Work Im From the Server";
mail("joe#<Domain>.co.uk","My subject",$msg);
?>
This worked providing that the email recipient was on the same domain.
However the request came for emails to be sent to anyone. When i tried this, using above code and settings i got this error
PHP Warning: mail(): SMTP server response: 550 5.7.1 Unable to relay in …
Having a quick read i found that PHP 7.1 don't allow smtp passwords which the lack caused the above error. Id need a external mail library
1) Was this correct
i downloaded and installed phpmailer (i can change this if required) and ran the following script
<?php
require_once "PHPMailerAutoload.php";
$mail = new PHPMailer;
$mail->SMTPDebug = 3;
$mail->isSMTP();
$mail->Host = "mail.<Domain>.co.uk";
$mail->SMTPAuth = true;
$mail->Username = "mail#<Domain>.co.uk";
$mail->Password = "<Password>";
$mail->SMTPSecure = "tls";
$mail->Port = 25;
$mail->From = "mail#<Domain>.co.uk";
$mail->FromName = "Mail";
$mail->addAddress("joe#<Domain>.co.uk");
$mail->addReplyTo("mail#<Domain>.co.uk", "Reply");
$mail->isHTML(true);
$mail->Subject = "Test";
$mail->Body = "From the Server";
if(!$mail->send())
{
echo "Mailer Error: " . $mail->ErrorInfo;
}
else
{
echo "Message has been sent successfully";
}
?>
I ran this and got the error
2017-05-19 11:57:52 Extension missing: openssl Mailer Error: Extension missing: openssl
So i uncommented this in my php.ini
extension=php_openssl.dll
Reran the script and got
2017-05-19 11:59:14 Connection: opening to mail.<Domain>.co.uk:25, timeout=300, options=array ( ) 2017-05-19 11:59:14 Connection: opened 2017-05-19 11:59:14
SERVER -> CLIENT: 220 PATHEX01.pathways.local Microsoft ESMTP MAIL Service ready at Fri, 19 May 2017 12:59:14 +0100 2017-05-19 11:59:14
CLIENT -> SERVER: EHLO www.<Domain>.co.uk 2017-05-19 11:59:14
SERVER -> CLIENT: 250-PATHEX01.pathways.local Hello [146.255.105.211] 250-SIZE 37748736 250-PIPELINING 250-DSN 250-ENHANCEDSTATUSCODES 250-STARTTLS 250-X-ANONYMOUSTLS 250-AUTH NTLM 250-X-EXPS GSSAPI NTLM 250-8BITMIME 250-BINARYMIME 250-CHUNKING 250 XRDST 2017-05-19 11:59:14
CLIENT -> SERVER: STARTTLS 2017-05-19 11:59:14
SERVER -> CLIENT: 220 2.0.0 SMTP server ready 2017-05-19 11:59:15 Connection failed. Error #2: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed [C:\inetpub\wwwroot\EmailTest\class.smtp.php line 369] 2017-05-19 11:59:15 SMTP Error: Could not connect to SMTP host. 2017-05-19 11:59:15
CLIENT -> SERVER: QUIT 2017-05-19 11:59:15
SERVER -> CLIENT: 2017-05-19 11:59:15 SMTP ERROR: QUIT command failed: 2017-05-19 11:59:15 Connection: closed 2017-05-19 11:59:15 SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting Mailer Error: SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting
Can anyone suggest what I'm doing wrong? Thanks