Issues with server configurations unable to connect woocommerce api to flutter

Keywords: WordPress - Google Cloud Platform - Technical issue - Other
bnsupport ID: 06838a8b-1de4-ed10-b2b0-0cd4594c455c
Description:
Hello I am having some issues and it is pertaining to the server when I try connecting it to flutter via the woocommerce api the api I ran in postman isn’t able to get the API and I tried uninstalling all the 3rd party plugins with wordpress but this doesn’t help.

Hello,

So when I try following this doc here

https://github.com/woocommerce/woocommerce/wiki/Getting-started-with-the-REST-API

I get these errors underlined in blue.

More specifically this is the error I am receiving connecting to it from flutter.

Hi @Dayib

Thanks for using Bitnami WordPress!

I have been able to access your site and checked that both Chrome and Firefox accept your certificate as valid (you can see the green padlock next to the URL). Nevertheless, if you try to verify your site using openssl you will get the same error:

$ openssl s_client -connect XXXXXX.market:443
CONNECTED(00000005)
depth=0 CN = XXXXX.market
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = XXXXX.market
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:CN = XXXX.market
   i:C = US, O = Let's Encrypt, CN = R3
 1 s:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
   i:O = Digital Signature Trust Co., CN = DST Root CA X3
---

Why is that? In order to verify an SSL certificate, you need to be able to verify the whole chain. Web browsers usually include common root and intermediate certificates (that conform the chain). OpenSSL does not trust the same amount of certs as those web browsers, and it turns out it fails to verify the trust chain.

In order to solve it, you may need to instruct Apache to use a certificate that includes both the one that identifies your site and the one that OpenSSL does not know about (bundle certificate). Can you try the following commands to generate one and make your site use it?

# Stop your Apache service
$ sudo /opt/bitnami/ctlscript.sh start apache

# Generate the bundle certificate
$ cd /opt/bitnami/letsencrypt/certificates
$ sudo cp XXXXX.market.crt XXXXX.market.crt.back
$ sudo cp -R /opt/bitnami/letsencrypt/certificates /opt/bitnami/letsencrypt/certificatesBack
$ sudo cat XXXXX.market.issuer.crt | sudo tee -a XXXX.market.crt

# Start your Apache service
$ sudo /opt/bitnami/ctlscript.sh start apache

Note that XXXX.market should be replaced by the correct NAME your site uses.

Can you please try that and report back?

Best regards,
Jose Antonio Carmona


Was my answer helpful? Click on :heart:

Good evening,

Thank you for making bitnami!

I ran the commands and ran the connection from the app to get the apis connected again,

it then ran into these errors.

f2 f1

12df23ae-b684-4437-d912-9178655c4b97

Hi again @Dayib,

I have tried to connect to your site to verify the SSL certificate using both OpenSSL and web browsers as I already did, but I could not connect to your instance this time.

it then ran into these errors.

The errors you mention this time don’t seem to be related to the SSL certificate. Instead, I think this related to the Flutter application itself or to the API endpoint you are making the request to (it seems the response format is not the one expected by the application). Are you developing this application? If you are not, please reach out to the developer or check its documentation out for further information :slightly_smiling_face:

Best regards,
Jose Antonio Carmona


Was my answer helpful? Click on :heart:

1 Like

Hello, I think it’s occurred after those changes to the server. How can I check where this error was triggered and resolve it? I tried restarting the server and apache and phpfm as well as my-sql via this doc here

https://docs.bitnami.com/google/faq/troubleshooting/troubleshoot-server-performance/

memory seems to be ok as well.

391214e2-0a04-ae74-437e-0b9916d4e316

Hi @Dayib

I have checked the report generated by the bnsupport-tool and seem that the Apache server was running back when the tool was executed. Nevertheless, it seems that it is no longer running as I get a timeout when trying to connect to your instance.

Could you please run the following commands?

$ sudo apachectl -t
$ sudo /opt/bitnami/ctlscript.sh status
$ curl -IL http://localhost
$ curl -IL https://localhost
$ openssl s_client -connect XXXXXX.market:443
$ sudo tail -n 30 /opt/bitnami/apache2/logs/error_log

Best regards,
Jose Antonio Carmona


Was my answer helpful? Click on :heart:

Hello, thank you for clarify that with me, here are the commands ran below.

    the_real_lessons@wordpress-2-vm:~$ sudo apachectl -t
    Syntax OK
    the_real_lessons@wordpress-2-vm:~$ sudo /opt/bitnami/ctlscript.sh status
    php-fpm already running
    apache already running
    mysql already running
    the_real_lessons@wordpress-2-vm:~$ curl -IL http://localhost
    HTTP/1.1 302 Found
    Date: Wed, 28 Apr 2021 20:36:37 GMT
    Server: Apache
    X-Frame-Options: SAMEORIGIN
    Location: https://www.XXXXX.market/
    Content-Type: text/html; charset=iso-8859-1
    curl: (28) Failed to connect to www.XXXXX.market port 443: Connection timed out
    the_real_lessons@wordpress-2-vm:~$ curl -IL https://localhost
    curl: (60) SSL certificate problem: unable to get local issuer certificate
    More details here: https://curl.haxx.se/docs/sslcerts.html
    curl failed to verify the legitimacy of the server and therefore could not
    establish a secure connection to it. To learn more about this situation and
    how to fix it, please visit the web page mentioned above.
    the_real_lessons@wordpress-2-vm:~$ openssl s_client -connect XXXXX.market:443

Hi @Dayib,

It seems that the webserver is running properly but you can’t access the server from outside the instance and you get a time out error

    curl: (28) Failed to connect to www.XXXXX.market port 443: Connection timed out

Can you ensure that the ports 22, 80 and 443 are open in the firewall?

https://docs.bitnami.com/google/faq/administration/use-firewall/

Happy to help!


Was my answer helpful? Click on :heart:

Hello @jota

I followed the instructions on the 2nd wp deployment this pertains to and here are the firewalls from the GC side. I restarted apache and that hasn’t unfortunately worked.

Hi @Dayib,

The firewall configuration looks fine but I can see that you have many different WordPress deployments in Google, does the same issue happen in all of them? You can contact the Google support team for them to investigate the issue and provide more information to you. I can see that your domain’s IP was updated recently but I can’t access it yet. I also tried to reach the SSH port and I was unable to do so.

EDIT: I just reviewed the configuration and want to confirm with you if your WordPress instance has the proper tag to use the firewall rule. If you take a look at our guide, you can see this information under the “In case that the firewall rule doesn’t appear in the list, you can manually add the firewall rule to your instance.” string.

https://docs.bitnami.com/google/faq/administration/use-firewall/

You will need to edit the network tags parameter of your deployment.

Hello @jota

Thank you for clarifying,

I am too getting this specific error when I try SSH into the server I too can’t access it since I made this new firewall I cleared the other firewalls and left only the one created via that document. I don’t have any other instances running at the moment but the one targeted wp-2.

The firewall tag is paired to the instance it seems so, have I done it correctly here?

Hi @Dayib,

Port 22 is not in the “Protocols/ports” list of the “bitnami-wp-process” firewall rule so that’s why you can’t access the instance using a SSH connection. In order to get more information about the firewall configuration, we suggest you contact the Google’s support team. They have access to your configuration and can evaluate what’s wrong with it. Note that we do not have access to your account and it’ll take longer to fix this. However, do not hesitate to ask us if you have any questions.

Hello @jota

I now have access to it again,

86565ad2-2af1-e5ef-d16e-1739319a84cb

I follwed this documentation here to open port 22.

https://cloud.google.com/iap/docs/using-tcp-forwarding#tunneling_ssh_connections

and it worked. However, I am still experiencing the load-out time error on the front end of the web page.

Thank you,

Hi @Dayib,

Can you do the same to open ports 80 and 443? It seems those ports are still closed and that’s why you can’t access the application.

Hello @jota

I have gone into the firewall and added ports 443,80 and restarted the instance.

These are the only active firewall configurations I have and the only instance running.

But that didn’t work it, still can’t be reached.

6143cd94-c8a2-13b5-850e-9396457412b3

Hi @Dayib,

I just detected a misconfiguration with your domain. The Bitnami Support tool reported this IP (34.74.132.89). However, your domain (bakaara.market) is pointing to a different IP

https://www.whatsmydns.net/#A/bakaara.market

Please review that and ensure the domain is properly configured when accessing your site.

PS: I just edited my /etc/hosts file and updated the domain’s IP and accessed your site without problems

Hello @jota Thank you very much!

I appreciate your assistance I have gone ahead and made the changes and It has worked. I will continue to get support from the devs of the API endpoint please delete the image and the website in reference.