501 error when writing to stream via HTTP API
1,059 views
Skip to first unread message
sven....@gmail.com
May 26, 2017, 5:18:25 AM5/26/17
to Event Store
version: 3.4
I am trying to write to a not-yet existing eventStream in v 3.4 via the HTTP API.
http://docs.geteventstore.com/http-api/3.4.0/writing-to-a-stream/
Using curl to test, I submitted this
curl -v -k -u admin:adminpassword -d '[{"eventId": "fbf4a1a1-b4a3-4dfe-a01f-ec52c34e16e4","eventType": "AcceptedEvent","data":{"url": "https://my.example.com/pr/0815", "correlationId": "b27465e4-a058-406c-90d2-18c29b9f647c" }, "metadata": { "version": 1 }}]' -H "Content-Type:application/json" https://myhost.com/streams/mystream
Answer is:
Authorization: Basic YWRtaW46Y2hhbmdlaXQ=
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type:application/json
> Content-Length: 219
>
* upload completely sent off: 219 out of 219 bytes
* HTTP 1.0, assume close after body
< HTTP/1.0 501 Unsupported method ('POST')
< Server: BaseHTTP/0.3 Python/2.7.9
< Date: Fri, 26 May 2017 07:26:13 GMT
< Content-Type: text/html
<
<head>
<title>Error response</title>
</head>
<body>
<h1>Error response</h1>
<p>Error code 501.
<p>Message: Unsupported method ('POST').
<p>Error code explanation: 501 = Server does not support this operation.
</body>
-H "Content-Type:application/vnd.eventstore.events+json" did not work either.
-H "Accept ..." did not result a positive result either.
501 points to a server-side error. What is going on there?
I am trying to write to a not-yet existing eventStream in v 3.4 via the HTTP API.
http://docs.geteventstore.com/http-api/3.4.0/writing-to-a-stream/
Using curl to test, I submitted this
curl -v -k -u admin:adminpassword -d '[{"eventId": "fbf4a1a1-b4a3-4dfe-a01f-ec52c34e16e4","eventType": "AcceptedEvent","data":{"url": "https://my.example.com/pr/0815", "correlationId": "b27465e4-a058-406c-90d2-18c29b9f647c" }, "metadata": { "version": 1 }}]' -H "Content-Type:application/json" https://myhost.com/streams/mystream
Answer is:
Authorization: Basic YWRtaW46Y2hhbmdlaXQ=
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type:application/json
> Content-Length: 219
>
* upload completely sent off: 219 out of 219 bytes
* HTTP 1.0, assume close after body
< HTTP/1.0 501 Unsupported method ('POST')
< Server: BaseHTTP/0.3 Python/2.7.9
< Date: Fri, 26 May 2017 07:26:13 GMT
< Content-Type: text/html
<
<head>
<title>Error response</title>
</head>
<body>
<h1>Error response</h1>
<p>Error code 501.
<p>Message: Unsupported method ('POST').
<p>Error code explanation: 501 = Server does not support this operation.
</body>
-H "Content-Type:application/vnd.eventstore.events+json" did not work either.
-H "Accept ..." did not result a positive result either.
501 points to a server-side error. What is going on there?
Greg Young
May 26, 2017, 5:25:32 AM5/26/17
to event...@googlegroups.com
Server: BaseHTTP/0.3 Python/2.7.9
? is this via a proxy etc?
> --
> You received this message because you are subscribed to the Google Groups
> "Event Store" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to event-store...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Studying for the Turing test
? is this via a proxy etc?
> You received this message because you are subscribed to the Google Groups
> "Event Store" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to event-store...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Studying for the Turing test
sven....@gmail.com
May 26, 2017, 5:42:23 AM5/26/17
to Event Store
As far as I know, there is an SSL reverse proxy, yes.
Greg Young
May 26, 2017, 5:56:17 AM5/26/17
to event...@googlegroups.com
and if you try directly to eventstore? this looks like an error from
the proxy though not 100% sure.
the proxy though not 100% sure.
sven....@gmail.com
May 26, 2017, 6:26:45 AM5/26/17
to Event Store
I tried it directly in the Docker Container / EventStore. Getting correct nginx Server now. No more 501. Curl now yields the following result
curl -v -k -d '[{"eventId": "fbf4a1a1-b4a3-4dfe-a01f-ec52c34e16e4","eventType": "AcceptedEvent","data":{"url": "https://my.system.com/pr/0815", "correlationId": "b27465e4-a058-406c-90d2-18c29b9f647c" }, "metadata": { "version": 1 }}]' -H "Content-Type:application/vnd.eventstore.events+json" https://localhost/streams/mystream
* Connected to localhost (127.0.0.1) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Request CERT (13):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
* SSL certificate verify ok.
> POST /streams/printing HTTP/1.1
> User-Agent: curl/7.38.0
> Host: localhost
> Accept: */*
> Content-Type:application/vnd.eventstore.events+json
> Content-Length: 215
>
* upload completely sent off: 215 out of 215 bytes
< HTTP/1.1 400 Bad Request
* Server nginx/1.6.2 is not blacklisted
< Server: nginx/1.6.2
< Date: Fri, 26 May 2017 10:21:08 GMT
< Content-Type: text/html
< Content-Length: 252
< Connection: close
<
<html>
<head><title>400 No required SSL certificate was sent</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>No required SSL certificate was sent</center>
<hr><center>nginx/1.6.2</center>
</body>
</html>
With other Docker applications that expose REST endpoints, I was always able to connect this way. Not here, though.
curl -v -k -d '[{"eventId": "fbf4a1a1-b4a3-4dfe-a01f-ec52c34e16e4","eventType": "AcceptedEvent","data":{"url": "https://my.system.com/pr/0815", "correlationId": "b27465e4-a058-406c-90d2-18c29b9f647c" }, "metadata": { "version": 1 }}]' -H "Content-Type:application/vnd.eventstore.events+json" https://localhost/streams/mystream
* Connected to localhost (127.0.0.1) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Request CERT (13):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
* SSL certificate verify ok.
> POST /streams/printing HTTP/1.1
> User-Agent: curl/7.38.0
> Host: localhost
> Accept: */*
> Content-Type:application/vnd.eventstore.events+json
> Content-Length: 215
>
* upload completely sent off: 215 out of 215 bytes
< HTTP/1.1 400 Bad Request
* Server nginx/1.6.2 is not blacklisted
< Server: nginx/1.6.2
< Date: Fri, 26 May 2017 10:21:08 GMT
< Content-Type: text/html
< Content-Length: 252
< Connection: close
<
<html>
<head><title>400 No required SSL certificate was sent</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>No required SSL certificate was sent</center>
<hr><center>nginx/1.6.2</center>
</body>
</html>
With other Docker applications that expose REST endpoints, I was always able to connect this way. Not here, though.
sven....@gmail.com
May 26, 2017, 6:41:42 AM5/26/17
to Event Store
Addendum: I will try supplying the p12 cert file. However, with curl -k, that should not really be necessary.
Sven
Sven
sven....@gmail.com
May 26, 2017, 7:03:17 AM5/26/17
to Event Store
Using HTTPS and Certificate, I get a 400 No required SSL certificate was sent.
curl -k -v -cert /certificates/client.p12 -d '[{"eventId": "fbf4a1a1-b4a3-4dfe-a01f-ec52c34e16e5","eventType": "AcceptedEvent","data":{"url": "https://mysystem.com/pr/0815", "correlationId": "b27465e4-a058-406c-90d2-18c29b9f647c" }, "metadata": { "version": 1 }}]' -H "Content-Type:application/vnd.eventstore.events+json" https://localhost:32772/streams/mystream
* <url> malformed
* Closing connection -1
curl: (3) <url> malformed
* Hostname was NOT found in DNS cache
* Trying 127.0.0.1...
curl -k -v -cert /certificates/client.p12 -d '[{"eventId": "fbf4a1a1-b4a3-4dfe-a01f-ec52c34e16e5","eventType": "AcceptedEvent","data":{"url": "https://mysystem.com/pr/0815", "correlationId": "b27465e4-a058-406c-90d2-18c29b9f647c" }, "metadata": { "version": 1 }}]' -H "Content-Type:application/vnd.eventstore.events+json" https://localhost:32772/streams/mystream
* <url> malformed
* Closing connection -1
curl: (3) <url> malformed
* Hostname was NOT found in DNS cache
* Trying 127.0.0.1...
< Date: Fri, 26 May 2017 10:52:50 GMT
< Content-Type: text/html
< Content-Length: 252
< Connection: close
<
<html>
<head><title>400 No required SSL certificate was sent</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>No required SSL certificate was sent</center>
<hr><center>nginx/1.6.2</center>
</body>
</html>
* Closing connection 0
* SSLv3, TLS alert, Client hello (1):
Using http, all works as intended
curl -v -d '[{"eventId": "fbf4a1a1-b4a3-4dfe-a01f-ec52c34e16e5","eventType": "AcceptedEvent","data":{"url": "https://my.oms.com/pr/0815", "correlationId": "b27465e4-a058-406c-90d2-18c29b9f647c" }, "metadata": { "version": 1 }}]' -H "Content-Type:application/vnd.eventstore.events+json" http://localhost:2113/streams/mystream
* Hostname was NOT found in DNS cache
* Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 2113 (#0)
* SSLv3, TLS alert, Client hello (1):
Using http, all works as intended
curl -v -d '[{"eventId": "fbf4a1a1-b4a3-4dfe-a01f-ec52c34e16e5","eventType": "AcceptedEvent","data":{"url": "https://my.oms.com/pr/0815", "correlationId": "b27465e4-a058-406c-90d2-18c29b9f647c" }, "metadata": { "version": 1 }}]' -H "Content-Type:application/vnd.eventstore.events+json" http://localhost:2113/streams/mystream
* Hostname was NOT found in DNS cache
* Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 2113 (#0)
> POST /streams/printing HTTP/1.1
> User-Agent: curl/7.38.0
> Host: localhost:2113
> Accept: */*
> Content-Type:application/vnd.eventstore.events+json
> Content-Length: 215
>
* upload completely sent off: 215 out of 215 bytes
< HTTP/1.1 201 Created
< Access-Control-Allow-Methods: POST, DELETE, GET, OPTIONS
< Access-Control-Allow-Headers: Content-Type, X-Requested-With, X-Forwarded-Host, X-PINGOTHER, Authorization, ES-LongPoll, ES-ExpectedVersion, ES-EventId, ES-EventType, ES-RequiresMaster, ES-HardDelete, ES-ResolveLinkTo, ES-ExpectedVersion
< Access-Control-Allow-Origin: *
< Access-Control-Expose-Headers: Location, ES-Position
< Location: http://localhost:2113/streams/printing/1
< Content-Type: text/plain; charset=utf-8
* Server Mono-HTTPAPI/1.0 is not blacklisted
< Server: Mono-HTTPAPI/1.0
< Date: Fri, 26 May 2017 11:00:54 GMT
< Content-Length: 0
< Keep-Alive: timeout=15,max=100
< Access-Control-Allow-Methods: POST, DELETE, GET, OPTIONS
< Access-Control-Allow-Headers: Content-Type, X-Requested-With, X-Forwarded-Host, X-PINGOTHER, Authorization, ES-LongPoll, ES-ExpectedVersion, ES-EventId, ES-EventType, ES-RequiresMaster, ES-HardDelete, ES-ResolveLinkTo, ES-ExpectedVersion
< Access-Control-Allow-Origin: *
< Access-Control-Expose-Headers: Location, ES-Position
< Location: http://localhost:2113/streams/printing/1
< Content-Type: text/plain; charset=utf-8
* Server Mono-HTTPAPI/1.0 is not blacklisted
< Server: Mono-HTTPAPI/1.0
< Date: Fri, 26 May 2017 11:00:54 GMT
< Content-Length: 0
< Keep-Alive: timeout=15,max=100
sven....@gmail.com
May 26, 2017, 8:33:19 AM5/26/17
to Event Store
Hello Greg, Currently, the Docker Container has run-node.sh --ext-http-prefixes=http://*:2113/ --ext-ip=0.0.0.0 --db /persistent/db --log /persistent/logs --run-projections=all
To enable SSL for the engine, is it necessary to specify the SSL Port with
To enable SSL for the engine, is it necessary to specify the SSL Port with
--ext-sec-tcp-port ?Greg Young
May 26, 2017, 9:06:30 AM5/26/17
to event...@googlegroups.com
--ext-sec-tcp-port involves ssl over tcp. are you trying to do ssl
from nginx to eventstore or terminating at nginx?
from nginx to eventstore or terminating at nginx?
sven....@gmail.com
May 26, 2017, 9:41:19 AM5/26/17
to Event Store
Hello Greg
This is the current nginx config:
server {
listen 443 ssl default_server;
ssl_certificate /certificates/server.pem;
ssl_certificate_key /certificates/server.pem;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
server_name eventstore.mydomain
location / {
proxy_pass http://127.0.0.1:2113;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto https;
}
}
I gather that 443 should be exposed, yet I cannot connect using https and curl from outside the Docker network using sniproxy.
SSL should not terminate at nginx.
Currently, eventstore is initialized with command=./run-node.sh --ext-http-prefixes=http://*:2113/ --ext-ip=0.0.0.0 --db /persistent/db --log /persistent/logs --run-projections=all
Port 443 is not exposed in the Dockerfile definition.
This is the current nginx config:
server {
listen 443 ssl default_server;
ssl_certificate /certificates/server.pem;
ssl_certificate_key /certificates/server.pem;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
server_name eventstore.mydomain
location / {
proxy_pass http://127.0.0.1:2113;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto https;
}
}
I gather that 443 should be exposed, yet I cannot connect using https and curl from outside the Docker network using sniproxy.
SSL should not terminate at nginx.
Currently, eventstore is initialized with command=./run-node.sh --ext-http-prefixes=http://*:2113/ --ext-ip=0.0.0.0 --db /persistent/db --log /persistent/logs --run-projections=all
Port 443 is not exposed in the Dockerfile definition.
sven....@gmail.com
May 26, 2017, 10:59:12 AM5/26/17
to Event Store
The SNI reverse proxy is a seperate component, terminates TLS, and it forwards the unencrypted traffic to the Docker container running EventStore.
I am asking myself if, in such a scenario, the nginx forwarding from EventStore HTTP Port to port 443 is even necessary.
I am asking myself if, in such a scenario, the nginx forwarding from EventStore HTTP Port to port 443 is even necessary.
Greg Young
May 27, 2017, 9:05:38 AM5/27/17
to event...@googlegroups.com
likely no and you def want http not https to 2113 in your config, that
could be where the issue is coming up.
could be where the issue is coming up.
sven....@gmail.com
May 29, 2017, 5:05:15 AM5/29/17
to Event Store
Hello Greg
Does that mean there is no way to use https for communication with the HTTP-API?
Sven
Does that mean there is no way to use https for communication with the HTTP-API?
Sven
Greg Young
May 29, 2017, 5:08:55 AM5/29/17
to event...@googlegroups.com
no it means you would need to configure it.
port 2113 in the default settings is http
port 2113 in the default settings is http
sven....@gmail.com
May 29, 2017, 5:32:35 AM5/29/17
to Event Store
Hi Greg
Currently, there is an nginx configuration that proxy-passes all requests from listening port 443 to the internal http address http://127.0.0.1:2113 on port 2113.
However, this is where curl returns 501. I am relatively new to EventStore, how can this be made to work? Is there something missing with regards to eventstore and nginx in order to have
access via https?
Currently, there is an nginx configuration that proxy-passes all requests from listening port 443 to the internal http address http://127.0.0.1:2113 on port 2113.
However, this is where curl returns 501. I am relatively new to EventStore, how can this be made to work? Is there something missing with regards to eventstore and nginx in order to have
access via https?
alessandro meyer
May 29, 2017, 11:07:02 AM5/29/17
to Event Store
Hey Greg,
i'm very certain it's not related to EventStore as Sven is running into an another issue with his setup with eventstore in our company. I will look at it with him.
Thanks a lot for helping.
-Alessandro
Reply all
Reply to author
Forward
0 new messages