DH keypair exception in salesforce - salesforce

I want to get access token of go instant api and I when I did this it send me following error
17:21:46:505 EXCEPTION_THROWN [10]|System.CalloutException:
java.lang.RuntimeException: Could not generate DH keypair
Please help me with this problem.

The issue has been resolved. It was due to a misconfiguration on our TLS endpoint that made it incompatible with Apex Callouts (and some Java versions). I've confirmed Apex Callouts are once again working.

It sounds like your SSL Library doesn't support 2048-bit DH parameters. Take a look at the BouncyCastle SSL Library as an alternative to what you're using. https://www.bouncycastle.org/latest_releases.html If you continue to have problems after changing to BouncyCastle, please email us at support at goinstant.com so we can do a more in-depth debug of your problems.
re: https://developers.goinstant.com/v1/rest-api/authentication.html#comment-1397240856

Related

Sending email with camel

I'm having issues sending an email out through camel with the java dsl.
I've been using the camel mail guide but I receive the following error.
Caused by: [com.sun.mail.util.MailConnectException - Couldn't connect to host, port: smtp.google.com, 25; timeout 30000]
Here is what I have in my route
from("timer://foo?period=5000") // Create a message every 5 seconds
.setHeader("subject", simple("hello from camel"))
.setBody(simple("camel"))
.log("sending?")
.to("smtps://smtp.google.com?password=mypass123&username=user#custom.com&From=user#custom.com&To=testuser#gmx.com");
The email service is actually provided by gmail. Now I did see a gmail plugin, but its pretty tough to find an example, so I thought I would use the standard method for now. But if someone knows the solution using it, I welcome it!
PS. I have camel-mail dependency and thecamel-google-mail which I'm not using.
Versions 2.20.2
It was due to less secure apps not fully being turned off.
Use this link here https://www.google.com/settings/security/lesssecureapps
Also some of the silly mistakes pointed out in the comments.
Thanks!

HTTPS warning for Sites in Salesforce

I am getting following error on a browser when i open Secure(HTTPS) Site URL for my sandbox org,
You attempted to reach **.cs9.force.com, but instead you actually reached a server identifying itself as .cs9.force.com. This may be caused by a misconfiguration on the server or by something more serious
The problem arises because i am using Sites for exposing WS and the HTTPS warning gives error on client side while interacting with WS.
How can i configure my org to resolve HTTPS warning message?
Because you are using sites you are able to use HTTP. There is no way to change the HTTPS Site settings. And there is no way to upload your own SSL-Certificate.
Dont know if your problem is resolved by now or not. But you need to configure your WS to accept wildcard SSL certificates. I am currently facing this issue and following link may be helpful to you.
I can't use this solution because of shared weblogic server across many applications. If you have found any solution to above, can you please comment here.

libcurl c/c++ Kerberos authentication

Does anybody have any experience with libcurl (C/C++) and Kerberos authentication?
I am able to set everything up and post data - however, now we have switched on SSO (via SPNEGO on a JBoss server) I am unable to authenticate properly, with authorization being downgraded to Basic.
At this stage I am using curl_easy_setopt(curl,CURLOPT_HTTPAUTH, CURLAUTH_GSSNEGOTIATE) and have also set the CURLOPT_KRBLEVEL to "private".
Looking at the headers in wireshark, the response from curl doesn't provide any credentials - which is throwing an EncryptionKey exception on the JBoss server. I am able to authenticate on the server via .NET using cached credentials and a httprequest object. Only problem is we can't use .NET on this project.
Thanks in advance for any help.
As an additional point. I have just seen that under libcurl Kerberos is only supported for ftp. I am trawling the source to try and confirm if this is the case. Anybody know of any other libraries that we might be able to use to perform our POST?
Ok - for anybody that reaches this point...
I downloaded this version: http://curl.haxx.se/download.html win 32 generic.
It is compiled to run under ssh, ntlm and kerberos etc. The download includes the relevant DLL's you will need to create apps for any environment that requires cached credentials.
If you want specific code - pertaining to using callbacks, chunking etc, drop me a line and I can forward it to you. Given the flexibility of the curl library - it would be a bit much to just drop a ton of code here. Once you have the curl.exe up and running, there is a cmd line switch that can output the equivalent code to a text file (although it doesn't include information regarding any writecallback functions etc - just the easy setup options required). Thanks to n.m for your help - much appreciated. G

CXF: how to access to the generated SOAP request

We have a Web Service client generated with CXF from a WSDL.
We now need to have an access to the generated SOAP requests in order to persist them.
It seems that the framework does not provide this behaviour by default.
Anyway do you guys ever tried to do such a thing?
I am thinking of building my own interceptor that can access to the fully generated message but maybe there is a better choice?
Any advice?
Thanks in advance.
By default CXF uses stax to stream your requests. If you add an interceptor, you can get access to the stax output writer and copy the events.
There is existing code in CXF to force the existence of a DOM tree; see code related to SAAJ and security.
In general, detailed CXF questions get better answers on the CXF user mailing list than here.

How to accept a self-signed SSL certificate in a WCF client?

This may be a stupid question but I just can't find the answer.
What I would like to do:
I have a WCF service hosted by IIS. It is working perfectly, I can access the wsdl, I have a self-signed certificate for the server etc. I would like to call this service from a WPF client.
The problem is, since I have a self-signed certificate, I get the following exception when calling the service:
Could not establish trust relationship for the SSL/TLS secure channel with authority 'localhost'.
If I access the site (or the service) from a browser, it is no problem, because the browser warns me about the certificate, and gives me the choice of viewing the page anyway. But the WPF client just throws an exception.
I don't want to completely turn off the authentication process, I simply would like to give the users the option of ignoring this warning (as browsers do).
Can anyone provide some code for this? If you ran into a good, detailed tutorial about this, it would be awesome too. (See, my problem with the tutorials I've found is the lack of details)
Here's the minimum amount of code you need to make WCF client accept an arbitrary certificate. This is not secure. Use for testing only. Don't blame me if this code goes berserk and eats your little kitten.
ServicePointManager.ServerCertificateValidationCallback +=
new System.Net.Security.RemoteCertificateValidationCallback(EasyCertCheck);
The call back:
bool EasyCertCheck(object sender, X509Certificate cert,
X509Chain chain, System.Net.Security.SslPolicyErrors error)
{
return true;
}
Code shamelessly lifted from the least helpful answer to Is it possible to force the WCF test client to accept a self-signed certificate?
You can register the certificate yourself. If load the certificate in the client as well, and then register the it as trusted you shouldn't get that warning.
You need to find a X509CertificateCollection and add the certificate to that collection. I had this kind of problem with a SmtpClient running over Ssl.
By hooking the System.Net.ServicePointManager.ServerCertificateValidationCallback or implementing System.Net.ICertificatePolicy and identify my own installed certificate as valid/trusted (attached to the System.Net.ServicePointManager.CertificatePolicy).
This is not WCF stuff per se, but from what I could tell, this should translate to WCF as well. It all depends what WCF is uses under the hood.

Resources