FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login
    1. Home
    2. zradick
    Z
    • Profile
    • Following 0
    • Followers 0
    • Topics 2
    • Posts 4
    • Best 3
    • Controversial 0
    • Groups 0

    zradick

    @zradick

    3
    Reputation
    2
    Profile views
    4
    Posts
    0
    Followers
    0
    Following
    Joined Last Online
    zradick Unfollow Follow

    Best posts made by zradick

    • HTTPS port (9013) not exposed?

      We are attempting to upgrade to fusion auth 1.41.3 from 1.36.7. Previously 1.36.7 exposed port 9013 for HTTPS via the Docker image. Now it appears that it does not?

      The same docker compose bindings that were used previously now don't appear to work:

          image: fusionauth/fusionauth-app:1.41.3
    ports:
      - 9013:9013

      I see in the startup that it is exposing 9011 and 9012 as HTTP but I don't see anything about 9013 or HTTPS:

      fusionauth_1                      | 2022-12-01 07:14:03.005 PM INFO  io.fusionauth.http.server.HTTPServer - Starting the HTTP server. Buckle up!
fusionauth_1                      | 2022-12-01 07:14:03.041 PM INFO  io.fusionauth.http.server.HTTPServer - HTTP server listening on port [9011]
fusionauth_1                      | 2022-12-01 07:14:03.042 PM INFO  io.fusionauth.http.server.HTTPServer - HTTP server started successfully
fusionauth_1                      | 2022-12-01 07:14:03.042 PM INFO  io.fusionauth.http.server.HTTPServer - Starting the HTTP server. Buckle up!
fusionauth_1                      | 2022-12-01 07:14:03.052 PM INFO  io.fusionauth.http.server.HTTPServer - HTTP server listening on port [9012]
fusionauth_1                      | 2022-12-01 07:14:03.053 PM INFO  io.fusionauth.http.server.HTTPServer - HTTP server started successfully

      I attempted to specify the HTTPS port as well but that did not seem to change things:

            - FUSIONAUTH_APP_HTTPS_PORT=9013
      posted in General Discussion
      Z
      zradick
    • RE: Error 403 with Nginx in front

      We are seeing a similar issue. The API appears to be working from our application perspective but we are seeing a similar 403 after attempting to log in to the admin console using the existing username and password. Our nginx configuration is similar:

      server {
	listen 80;
	listen [::]:80;

	location / {
		rewrite ^ https://$host$request_uri? permanent;
	}
}

error_log /var/log/nginx/error.log info;

server {
    listen 8443 ssl;
    listen [::]:8443 ssl;
    server_name _;

    ssl_certificate /etc/ssl/certs/nginx.crt;
    ssl_certificate_key /etc/ssl/private/nginx.key;

    access_log            /var/log/nginx/access.log;

    proxy_set_header        X-Forwarded-Proto https;
    proxy_set_header        X-Forwarded-Port 8443;
    proxy_set_header        X-Forwarded-Host $host;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header        X-Forwarded-Server $host;
    proxy_set_header        X-Real-IP $remote_addr;
    proxy_set_header        Accept-Encoding "";

    location / {
        proxy_http_version 1.1;
        proxy_pass http://127.0.0.1:9011/;
    }
}
      posted in Q&A
      Z
      zradick
    • RE: Error 403 with Nginx in front

      @dan Thanks, we are running the nginx tightly coupled with our fusion auth deploy (we modified the Docker file in order to start both together in a single container) so that we can deploy it to AWS Fargate. I'm not sure exactly why we were getting a 403 hitting the admin endpoint for auth through the LB, however we are closing off ingress to the public internet anyway and we are able to successfully auth when tunneled through our bastion host and the application API is working so we can at least upgrade to 1.41.3 for the security patch there.

      posted in Q&A
      Z
      zradick

    Latest posts made by zradick

    • RE: Error 403 with Nginx in front

      @dan Thanks, we are running the nginx tightly coupled with our fusion auth deploy (we modified the Docker file in order to start both together in a single container) so that we can deploy it to AWS Fargate. I'm not sure exactly why we were getting a 403 hitting the admin endpoint for auth through the LB, however we are closing off ingress to the public internet anyway and we are able to successfully auth when tunneled through our bastion host and the application API is working so we can at least upgrade to 1.41.3 for the security patch there.

      posted in Q&A
      Z
      zradick
    • RE: Error 403 with Nginx in front

      We are seeing a similar issue. The API appears to be working from our application perspective but we are seeing a similar 403 after attempting to log in to the admin console using the existing username and password. Our nginx configuration is similar:

      server {
	listen 80;
	listen [::]:80;

	location / {
		rewrite ^ https://$host$request_uri? permanent;
	}
}

error_log /var/log/nginx/error.log info;

server {
    listen 8443 ssl;
    listen [::]:8443 ssl;
    server_name _;

    ssl_certificate /etc/ssl/certs/nginx.crt;
    ssl_certificate_key /etc/ssl/private/nginx.key;

    access_log            /var/log/nginx/access.log;

    proxy_set_header        X-Forwarded-Proto https;
    proxy_set_header        X-Forwarded-Port 8443;
    proxy_set_header        X-Forwarded-Host $host;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header        X-Forwarded-Server $host;
    proxy_set_header        X-Real-IP $remote_addr;
    proxy_set_header        Accept-Encoding "";

    location / {
        proxy_http_version 1.1;
        proxy_pass http://127.0.0.1:9011/;
    }
}
      posted in Q&A
      Z
      zradick
    • HTTPS port (9013) not exposed?

      We are attempting to upgrade to fusion auth 1.41.3 from 1.36.7. Previously 1.36.7 exposed port 9013 for HTTPS via the Docker image. Now it appears that it does not?

      The same docker compose bindings that were used previously now don't appear to work:

          image: fusionauth/fusionauth-app:1.41.3
    ports:
      - 9013:9013

      I see in the startup that it is exposing 9011 and 9012 as HTTP but I don't see anything about 9013 or HTTPS:

      fusionauth_1                      | 2022-12-01 07:14:03.005 PM INFO  io.fusionauth.http.server.HTTPServer - Starting the HTTP server. Buckle up!
fusionauth_1                      | 2022-12-01 07:14:03.041 PM INFO  io.fusionauth.http.server.HTTPServer - HTTP server listening on port [9011]
fusionauth_1                      | 2022-12-01 07:14:03.042 PM INFO  io.fusionauth.http.server.HTTPServer - HTTP server started successfully
fusionauth_1                      | 2022-12-01 07:14:03.042 PM INFO  io.fusionauth.http.server.HTTPServer - Starting the HTTP server. Buckle up!
fusionauth_1                      | 2022-12-01 07:14:03.052 PM INFO  io.fusionauth.http.server.HTTPServer - HTTP server listening on port [9012]
fusionauth_1                      | 2022-12-01 07:14:03.053 PM INFO  io.fusionauth.http.server.HTTPServer - HTTP server started successfully

      I attempted to specify the HTTPS port as well but that did not seem to change things:

            - FUSIONAUTH_APP_HTTPS_PORT=9013
      posted in General Discussion
      Z
      zradick
    • Issue starting up docker image with FUSIONAUTH_APP_ADDITIONAL_JAVA_ARGS

      When I add the following to my docker compose file:

      - FUSIONAUTH_APP_ADDITIONAL_JAVA_ARGS="-Djavax.net.ssl.keyStore=/fusionauth/example.p12 -Djavax.net.ssl.keyStorePassword=****"

      I see the following when starting up:

      Error: Could not find or load main class "-Djavax.net.ssl.keyStore=.fusionauth.example.p12

      This same environment configuration option was working for older versions of fusion auth (1.36.7). Is this no longer a valid configuration option?

      posted in General Discussion
      Z
      zradick