This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
jond3rd
Explorer
‎2023-10-24 09:48 PM

Getting HTTP/1.1 400 Bad Request error

Hi,

 

I am trying to test the API of my MDS and I execute the curl command from a linux server

 

curl -vvvv -k -X POST -H "Content-Type: application/json" -d '{"user":"xxxxx","password":"xxxxxx"}' https://<API-SERVER-IP>/web_api/login

 

But I keep on getting this message. The same command works fine when run on the MDS server itself.

API is configured to accept connections from all IP. Anything I missed?

 

* About to connect() to <API-SERVER-IP> port 443 (#0)
* Trying <API-SERVER-IP>..
* Connected to <API-SERVER-IP> (<API-SERVER-IP>) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
* subject: OID.1.2.840.113549.1.9.2=An optional company name,E=Email Address,CN=<API-SERVER-IP>,L="Locality Name (eg, city)"
* start date: Apr 13 06:22:29 2023 GMT
* expire date: Apr 12 06:22:29 2033 GMT
* common name: 192.168.1.1
* issuer: OID.1.2.840.113549.1.9.2=An optional company name,E=Email Address,CN=<API-SERVER-IP>,L="Locality Name (eg, city)"
> POST /web_api/login HTTP/1.1
> User-Agent: curl/7.29.0
> Host: <API-SERVER-IP>
> Accept: */*
> Content-Type: application/json
> Content-Length: 46
>
* upload completely sent off: 46 out of 46 bytes
< HTTP/1.1 400 Bad Request
< Date: Wed, 25 Oct 2023 04:39:35 GMT
< Server: Jetty(9.2.9.v20150224)
< Strict-Transport-Security: max-age=31536000; includeSubDomains
< X-Frame-Options: SAMEORIGIN
< Content-Type: application/json
< X-UA-Compatible: IE=EmulateIE8
< X-Forwarded-Host-Port: 443
< Connection: close
< Transfer-Encoding: chunked
<
{
"code" : "generic_server_error",
"message" : "Management server failed to execute command"
* Closing connection 0

 

 

 

 

0 Kudos
5 Replies
Bob_Zimmerman
Authority
Authority
‎2023-10-25 08:43 AM

Run the command 'api status' on the management. In the top section of the output, what value do you see for "Accessibility"? By default, management servers only allow management API connections from themselves. I don't remember which HTTP status code is returned when you make a call from a machine not on the list, but 400 might be it.

0 Kudos
jond3rd
Explorer
‎2023-10-25 11:38 AM
In response to Bob_Zimmerman

Hi Bob,

 

Thanks for responding.

API is configured to grant all connections

 

 

Here's the output of 'api status'

=================

API Settings:
---------------------
Accessibility: Require all granted
Automatic Start: Enabled

Processes:

Name State PID More Information
-------------------------------------------------
API Started 109094
CPM Started 109094 Check Point Security Management Server is running and ready
FWM Started 121344
APACHE Started 90786

Port Details:
-------------------
JETTY Internal Port: 53593
JETTY Documentation Internal Port: 59762
APACHE Gaia Port: 443

Profile:
-------------------
Machine profile: 65536-131071 without SME - MDS
CPM heap size: 12288m

 

--------------------------------------------
Overall API Status: Started
--------------------------------------------

API readiness test SUCCESSFUL. The server is up and ready to receive connections

Notes:
------------
To collect troubleshooting data, please run 'api status -s <comment>'

 

=================

0 Kudos
Bob_Zimmerman
Authority
Authority
‎2023-10-26 07:31 AM
In response to jond3rd

What version is your MDS? I just tested a similar command on one of mine running R81.10 jumbo 94, and it worked:

[<myUser>@<client> ~]$ curl -kvH "Content-Type: application/json" -d '{"user":"<myUser>","password":"<myPassword>","read-only":true}' https://<MDS>/web_api/login
...
< HTTP/1.1 200 OK
< Date: Thu, 26 Oct 2023 14:16:15 GMT
< Server: Jetty(9.2.9.v20150224)
< Strict-Transport-Security: max-age=31536000; includeSubDomains
< X-Frame-Options: SAMEORIGIN
< Content-Type: application/json
< X-UA-Compatible: IE=EmulateIE8
< X-Forwarded-Host-Port: 443
< Transfer-Encoding: chunked
< 
{
  "sid" : "...",
  "url" : "https://<MDS>:443/web_api",
  "session-timeout" : 600,
  "login-message" : {...},
  "read-only" : true,
  "api-server-version" : "1.8.1",
  "user-name" : "<myUser>",
  "user-uid" : "..."
}

Multiple '-v' switches don't make cURL more verbose. The '-X POST' is implied by having the -d. I added read-only: true because my MDS is live, and I don't want to leave anything in the client shell logs which could be used to make changes. I think those are the only changes I made to the cURL command.

Maybe some service is misbehaving. Have you tried 'mdsstop && mdsstart' or rebooting?

0 Kudos
jond3rd
Explorer
‎2023-10-26 04:31 PM
In response to Bob_Zimmerman

Hi Bob,

Thanks for the response.

I have the same MDS version as yours, R81.10 Take 94. Will try to restart the MDS and see how it goes, just needed some maintenance window so it may take a while.

What puzzles me is, why is it that the same commands works fine when executed within the MDS itself.

 

Thanks a lot for your inputs, really appreciate it

 

0 Kudos
Atanas
Explorer
‎2024-03-14 04:11 AM
In response to jond3rd

Hi,

Is there any solution to this issue? Does the restart help? Thank you!

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events