Skip to Main Content

ORDS, SODA & JSON in the Database

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

502 OCI Load Balancer + Custom ORDS 24.2 + APEX 24.1.1

Jim DicksonAug 21 2024 — edited Aug 21 2024

How do I debug a 502 error (I know very little about http)

curl produces this - but this confirms my problem, not sure how to proceed to a resolution

curl -vvv https://www.transaction-matching.com/ords/_/landing
* Trying 84.8.153.152:443...
* Connected to www.transaction-matching.com (84.8.153.152) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: CN=transaction-matching.com
* start date: Aug 13 04:40:41 2024 GMT
* expire date: Nov 11 04:40:40 2024 GMT
* subjectAltName: host "www.transaction-matching.com" matched cert's "www.transaction-matching.com"
* issuer: C=US; O=Let's Encrypt; CN=E6
* SSL certificate verify ok.
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET /ords/_/landing HTTP/1.1
> Host: www.transaction-matching.com
> User-Agent: curl/7.81.0
> Accept: */*
>
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Mark bundle as not supporting multiuse
< HTTP/1.1 502 Bad Gateway
< Date: Wed, 21 Aug 2024 06:10:22 GMT
< Content-Type: text/html
< Content-Length: 145
< Connection: keep-alive
<
<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center></center>
</body>
</html>
* Connection #0 to host www.transaction-matching.com left intact

Config (please let me know if I have omitted anything that could be relevant)

DNS

GoDaddy
transaction-matching.com = 84.8.153.152
cname apex transaction-matching.com.
cname www transaction-matching.com.

Oracle OCI Load Balancer

Oracle OCI Load Balancer lb_apex23c = 84.8.153.152 (public)
Has certificate
Listener listener_apex23c_ords HTTPS 443 oci-default-ssl-cipher-suite-v1 use SSL=Y
TLS 1.2 & TLS 1.3
No Path route / Routing policy / Rule set

QU: is cipher suite is "best" ?

Backend set

Backend set bes_apex23c_ords
Backend 10.0.0.71 (apex23c-web) 8080

Backend config

[oracle@apex23c-web ~]$ systemctl status ords
● ords.service - Oracle REST Data Services
Loaded: loaded (/etc/systemd/system/ords.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2024-08-21 05:20:24 GMT; 11min ago
Process: 15093 ExecStop=/usr/bin/bash -c /etc/init.d/ords stop (code=exited, status=0/SUCCESS)
Process: 15166 ExecStart=/usr/bin/bash -c /etc/init.d/ords start (code=exited, status=0/SUCCESS)
Main PID: 15308 (java)
Tasks: 0 (limit: 99892)
Memory: 24.0K
CGroup: /system.slice/ords.service
‣ 15308 java -Doracle.dbtools.cmdline.home=/opt/oracle/ords -Duser.language=en -Duser.region=US -Dfile.encoding=UTF-8 -Djava.awt.headless=true -Dnashorn.args=--no-deprecation-warning -Doracle.dbt>
[oracle@apex23c-web ~]$
[oracle@apex23c-web ~]$ ords --config /etc/ords/config config list

ORDS: Release 24.2 Production on Wed Aug 21 05:32:03 2024

Copyright (c) 2010, 2024, Oracle.

Configuration:
/etc/ords/config

Database pool: default

Setting Value Source
---------------------------------- ------------------------------------------ -----------
database.api.enabled true Global
db.password ****** Pool Wallet
db.username ORDS_PUBLIC_USER3 Pool
db.wallet.zip.path /home/oracle/Wallets/Wallet_APEX23C.zip Pool
db.wallet.zip.service APEX23C_LOW Pool
feature.sdw true Pool
jdbc.InitialLimit 0 Pool
jdbc.MaxLimit 3 Pool
jdbc.MinLimit 0 Pool
plsql.gateway.mode proxied Pool
restEnabledSql.active true Pool
security.requestValidationFunction ords_util.authorize_plsql_gateway Pool
standalone.context.path /ords Global
standalone.doc.root /etc/ords/config/global/doc_root Global
standalone.http.port 8080 Global
standalone.static.context.path /i/24.1.1/ Global
standalone.static.path https://static.oracle.com/cdn/apex/24.1.1/ Global

[opc@apex23c-web ~]$ sudo lsof -i -P -n | fgrep LISTEN | egrep "8443|8080"
java 15308 oracle 8u IPv6 203351 0t0 TCP *:8080 (LISTEN)

Suspect this could appropriate for a number of different forums because (from my simplistic perspective), problem could be LB, ORDS, APEX or even database :(

[ NB I have a similar setup OCI Load Balancer + Custom ORDS 24.1 + APEX 24.1.1 where I can get to landing page - but cannot see any significant differences (to me). I could post config if that helps ].

This post has been answered by Jim Dickson on Aug 21 2024
Jump to Answer
Comments
Post Details
Added on Aug 21 2024
1 comment
164 views