Diagnosing network errors

tschutter · September 17, 2019, 8:15pm

We have a customer that is unable to activate their license because they always get “Failed to connect to the server due to network error” messages. We know that they have a proxy in place. We added code that allowed them to manually set the proxy, but they still cannot connect. The return from LexActivator (Java) is not giving enough detail for us to determine what is wrong. Name lookup? Connection? Something else?

What are the next steps for diagnosing the issue? These are our current diagnostic steps:

First, test the status of the CryptLex servers by browsing to
https://status.cryptlex.com/. Verify that the “Web API” item has
a green check mark. Also check that the “Web API Response Time” is
less than 1000ms.

Second, check to see if the client machine can connect to the
CryptLex server by bringing up a web browser on the client
machine, and connecting to https://api.cryptlex.com/v3/users. If
“Authentication failed!” is displayed, then the test was successful.
If this test fails, then most likely there is a very restrictive
firewall between the client machine and the CryptLex server.
Therefore, the firewall may need to be configured to whitelist
outbound connections to api.cryptlex.com (104.28.6.103 and
104.28.7.103) for port 443.

adnan-kamili · September 18, 2019, 8:04am

Hi Thomas,

For checking the service, instead of using https://api.cryptlex.com/v3/users you can use https://api.cryptlex.com/v3/status instead.

Please use the following to do the network test and share console log:

tschutter · September 19, 2019, 7:00pm

Console log:

*   Trying 104.28.6.103...
* TCP_NODELAY set
* Connected to api.cryptlex.com (104.28.6.103) port 443 (#0)
* schannel: SSL/TLS connection with api.cryptlex.com port 443 (step 1/3)
* schannel: disabled server certificate revocation checks
* schannel: sending initial handshake data: sending 180 bytes...
* schannel: sent initial handshake data: sent 180 bytes
* schannel: SSL/TLS connection with api.cryptlex.com port 443 (step 2/3)
* schannel: failed to receive handshake, need more data
* schannel: SSL/TLS connection with api.cryptlex.com port 443 (step 2/3)
* schannel: encrypted data got 1380
* schannel: encrypted data buffer: offset 1380 length 4096
* schannel: encrypted data length: 1284
* schannel: encrypted data buffer: offset 1284 length 4096
* schannel: received incomplete message, need more data
* schannel: SSL/TLS connection with api.cryptlex.com port 443 (step 2/3)
* schannel: encrypted data got 1059
* schannel: encrypted data buffer: offset 2343 length 4096
* schannel: sending next handshake data: sending 126 bytes...
* schannel: SSL/TLS connection with api.cryptlex.com port 443 (step 2/3)
* schannel: encrypted data got 51
* schannel: encrypted data buffer: offset 51 length 4096
* schannel: SSL/TLS handshake complete
* schannel: SSL/TLS connection with api.cryptlex.com port 443 (step 3/3)
* schannel: stored credential handle in session cache
> POST /v3/activations HTTP/1.1
Host: api.cryptlex.com
Accept: */*
Content-Type: application/json
Content-Length: 953

* upload completely sent off: 953 out of 953 bytes
* schannel: client wants to read 16384 bytes
* schannel: encdata_buffer resized 17408
* schannel: encrypted data buffer: offset 0 length 17408
* schannel: encrypted data got 762
* schannel: encrypted data buffer: offset 762 length 17408
* schannel: decrypted data length: 598
* schannel: decrypted data added: 598
* schannel: decrypted data cached: offset 598 length 16384
* schannel: encrypted data length: 135
* schannel: encrypted data cached: offset 135 length 17408
* schannel: decrypted data length: 72
* schannel: decrypted data added: 72
* schannel: decrypted data cached: offset 670 length 16384
* schannel: encrypted data length: 34
* schannel: encrypted data cached: offset 34 length 17408
* schannel: decrypted data length: 5
* schannel: decrypted data added: 5
* schannel: decrypted data cached: offset 675 length 16384
* schannel: encrypted data buffer: offset 0 length 17408
* schannel: decrypted data buffer: offset 675 length 16384
* schannel: schannel_recv cleanup
* schannel: decrypted data returned 675
* schannel: decrypted data buffer: offset 0 length 16384
< HTTP/1.1 400 Bad Request
< Date: Thu, 19 Sep 2019 18:49:09 GMT
< Content-Type: application/json; charset=utf-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< Set-Cookie: __cfduid=d93762c31a3f93704c72da7d6f01b68aa1568918949; expires=Fri, 18-Sep-20 18:49:09 GMT; path=/; domain=.cryptlex.com; HttpOnly
< X-Rate-Limit-Limit: 5s
< X-Rate-Limit-Remaining: 49
< X-Rate-Limit-Reset: 2019-09-19T18:49:14.3519078Z
< Processing-Time: 59ms
< Via: 1.1 vegur
< Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< Server: cloudflare
< CF-RAY: 518dbce788955003-DEN
<
* Connection #0 to host api.cryptlex.com left intact

adnan-kamili · September 19, 2019, 7:21pm

Please share your license key.

tschutter · September 19, 2019, 7:53pm

How should I share the license key given that this is a public forum? And isn’t this test independent of the license key?

support · September 20, 2019, 1:12pm

Hi Thomas,

Please send us the license key having the issue to support@cryptlex.com

tschutter · September 24, 2019, 1:48pm

Any progress? I have sent the license key to support@cryptlex.com.

But I believe the issue is the communication through the Cloudflare SSL proxy as seen by the “HTTP/1.1 400 Bad Request” in the console log.

support · September 24, 2019, 2:04pm

Please check the email with the new details.