Thanks Peter,
I still do not see the hsts header. I'm wondering if this is causing it.
SSL certificate verify result: self signed certificate in certificate chain
(19), continuing anyway.
I don't know why it's complaining as the certificate for Tomcat is not a
self-signed certificate.
Jon,
Oh, I see there is a redirect. I do see a similar behavior on redirects (302)
or auth (401 eg. on the manager app). But HSTS on 200, 404 or 403.
What happens if you call "/c/portal/license" ?
Peter
> Am 21.04.2023 um 23:05 schrieb jonmcalexan...@wellsfargo.com.invalid
> :
>
> Here is
Here is the output from a powershell command:
Invoke-WebRequest -Uri https://ldvwa00a0010.wellsfargo.com:8443
-MaximumRedirection 0 | Select-Object -ExpandProperty Headers
KeyValue
----
X-Content-Type-Options nosniff
X-Frame-OptionsSAMEORIGIN
Hey Peter,
Yes, the context is ROOT as this app does have a ROOT component.
Dream * Excel * Explore * Inspire
Jon McAlexander
Senior Infrastructure Engineer
Asst. Vice President
He/His
Middleware Product Engineering
Enterprise CIO | EAS | Middleware | Infrastructure Solutions
8080 Cobblestone
That document is mostly about a corrupted install in Weblogic, but after
that, it suggests making sure you are using the urandom (non-blocking)
random number generator. If you're using the blocking RNG, it would
explain why the issue is not easily repeatable.
Jon,
again, the Qualys Scanner usually does not know any other webcontexts than
root, manager and examples. So if you don't have a root context, it may well
end up in the woods and the result will not have a HSTS-Header. Can you verify
the requested resource?
Best regards
Peter
> Am
in general. something all purpose to get started with
On Fri, Apr 21, 2023, 14:17 Christopher Schultz <
ch...@christopherschultz.net> wrote:
> Kevin,
>
> On 4/21/23 09:35, Kevin Huntly wrote:
> > I'm not a DBA nor do I pretend to be, so I'm asking what everyone's
> > thoughts are on MySQL
Jon,
On 4/21/23 11:47, jonmcalexan...@wellsfargo.com.INVALID wrote:
Thank you Olaf, however, the connection was made over https directly
to Tomcat on port 8443.
Sample curl with secrets removed?
-chris
-Original Message-
From: Olaf Kock
Sent: Friday, April 21, 2023 1:48 AM
To:
Kevin,
On 4/21/23 09:35, Kevin Huntly wrote:
I'm not a DBA nor do I pretend to be, so I'm asking what everyone's
thoughts are on MySQL connection string settings? What are the best options
to use, what options are absolutely required, etc?
Just ... in general? Or do you have a specific
Harri,
On 4/21/23 04:39, Harri Pesonen wrote:
No, I think that I have seen this only once now, but of course it might have
happened more than once.
Googling says that other people have seen this as well, but very randomly.
Apparently the problem happens in Windows function, but JNI call does
Thank you Olaf, however, the connection was made over https directly to Tomcat
on port 8443.
Thanks,
Dream * Excel * Explore * Inspire
Jon McAlexander
Senior Infrastructure Engineer
Asst. Vice President
He/His
Middleware Product Engineering
Enterprise CIO | EAS | Middleware | Infrastructure
Hi Everyone,
I'm not a DBA nor do I pretend to be, so I'm asking what everyone's
thoughts are on MySQL connection string settings? What are the best options
to use, what options are absolutely required, etc?
Kevin Huntly
Email: kmhun...@gmail.com
No, I think that I have seen this only once now, but of course it might have
happened more than once.
Googling says that other people have seen this as well, but very randomly.
Apparently the problem happens in Windows function, but JNI call does not tell
the reason for failure.
This happened in
Am 21.04.23 um 07:03 schrieb jonmcalexan...@wellsfargo.com.INVALID:
No, there is no error and no stack trace. Everything works, just the hsts
header isn't in the list of headers.
The lowest hanging fruit: HSTS is only defined on https - on http it
doesn't have any meaning and Tomcat would
14 matches
Mail list logo
