Serverless Ingress Solution on AWS

Below is the typical ingress solution for many organizations' AWS workloads. The data flow is: Users -> CDN (e.g Akamai,Cloudflare) -> Ingress internet-facing ALB -> Ingress ASG (e.g Nginx, HAProxy) -> TGW -> Workload internal ALB -> Workload applications (ASG or K8S services). As you can see, the improvements are the adoptions of some Cloud … Continue reading Serverless Ingress Solution on AWS

HTTP Code 499

Http status code 499 is a non-standard status code introduced by nginx for the case when a client closes the connection while nginx is processing the request. I just encountered the 499 code in the nginx log a couple days ago. The reason of that is I wrote a Ajax to make a API call to the … Continue reading HTTP Code 499

ERR_CERT_COMMON_NAME_INVALID because of Subject Alternative Name missing

If you are seeing similar errors in Chrome as below, your private cert probably missed the SAN. Starting from Chrome 58, it validates the DNS against the SAN that is in the certificate. Here is the quote that I found "Certificates have two ways to express the domain/IP they're bound to - one which is … Continue reading ERR_CERT_COMMON_NAME_INVALID because of Subject Alternative Name missing