1

so my company has implemented Oauth2.0 on two different internal servers. when i try using karate to get the token back on the myldev server. i get it back with any issues. (with configure ssl = True)

But when i do the exact same call against the mylqa server. i get the following error

11:01:46.113 [main] DEBUG org.apache.http.impl.execchain.MainClientExec - Opening connection {s}-> private url 11:01:46.113 [main] DEBUG org.apache.http.impl.conn.DefaultHttpClientConnectionOperator - Connecting to mylqa.corp.realpage.com/10.34.208.35:443 11:01:46.113 [main] DEBUG org.apache.http.conn.ssl.LenientSslConnectionSocketFactory - Connecting socket to mylqa.corp.realpage.com/10.34.208.35:443 with timeout 30000 11:01:46.117 [main] DEBUG org.apache.http.conn.ssl.LenientSslConnectionSocketFactory - Enabled protocols: [TLSv1, TLSv1.1, TLSv1.2] 11:01:46.120 [main] DEBUG org.apache.http.conn.ssl.LenientSslConnectionSocketFactory - Enabled cipher suites:[TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] 11:01:46.120 [main] DEBUG org.apache.http.conn.ssl.LenientSslConnectionSocketFactory - Starting handshake 11:01:46.126 [main] DEBUG org.apache.http.impl.conn.DefaultManagedHttpClientConnection - http-outgoing-3: Shutdown connection 11:01:46.127 [main] DEBUG org.apache.http.impl.execchain.MainClientExec - Connection discarded 11:01:46.127 [main] DEBUG org.apache.http.impl.conn.PoolingHttpClientConnectionManager - Connection released: [id: 3][route: {s}-> [private url][total kept alive: 0; route allocated: 0 of 5; total allocated: 0 of 10] 11:01:46.127 [main] ERROR com.intuit.karate - java.net.SocketException: Connection reset, http call failed after 194 milliseconds for URL: private url 11:01:46.127 [main] ERROR com.intuit.karate - http request failed: java.net.SocketException: Connection reset

I havent faced this issue with other tools in my mac. Jmeter which uses apache client 4.5.5 didnt have an issue getting the response back

Regards, JK

P.S. im kinda new to ssl and https. so please go easy on me. Also ive made sure that both dev server and qa server have the exact same configuration.

Jawad Kalia
  • 286
  • 2
  • 16

1 Answers1

1

You are sure that both are HTTPS right ? It sounds very much like the QA server has stronger encryption in place. Have a look at this ticket and I hope that gets you on your way !

https://github.com/intuit/karate/issues/243

EDIT - extra info:

Someone else had a similar question, but sadly no answer yet: Link

Similar issue turned out to be missing Accept header: Link

Can you try the new custom certificate support: https://github.com/intuit/karate#x509-certificate-authentication

Related question on Stack Overflow: SSLHandshakeException for a simple GET request in Karate Framework

Peter Thomas
  • 54,465
  • 21
  • 84
  • 248
  • Thank you for your response. I did ask my backend developers to check if there is any difference at all in both servers. they found one. and made it identical between each. Thank you for your links and i will look into those. i went through the x509 certification docs as well and tried those out. thing is that we have an internal public certification, that does not have a key file associated with it. i did spend quite some time trying to covert a `.crt` file to a PK8 based key and cert file. and giving it the paths. I will use your suggestions and research more. – Jawad Kalia Mar 12 '18 at 14:41
  • As a follow up question. i was thinking of using JavaScripts xhttp as a work around. but it had an import error for that module. is there a starting point that you can refer me to use packages in javascript code. – Jawad Kalia Mar 12 '18 at 14:44
  • also i used the `Accept` header with value `*/*` – Jawad Kalia Mar 12 '18 at 14:45
  • 1
    @JawadKalia instead of JS I recommend using Java code. refer to the doc on 'Calling Java' – Peter Thomas Mar 12 '18 at 15:22
  • yup i used java. used process builder to make a curl call. and got a work around working. Thanks! – Jawad Kalia Mar 12 '18 at 18:12
  • Seems like it was a firewall issue with our servers. thanks for your quick responses. – Jawad Kalia Mar 21 '18 at 13:46