Itru

Unable to tunnel through proxy. Proxy returns "HTTP/1.1 503 Service Unavailable"

I'm trying to make an HTTP request to another system.

They provided the endpoint URL, which contains a port number.

https://Test.com:50001/RESTAP/BGN/PRDV/CREATE

When I try to make the request, I get this error:

> System.CalloutException: Unable to tunnel through proxy. Proxy returns
> "HTTP/1.1 503 Service Unavailable"

although I have added the URL in remote sites.

When I make the request from Postman - I get the response as expected.

My code is:

    Http httpProtocol = new Http();
    HttpRequest request = new HttpRequest();
    String url = 'https://Test.com:50001/RESTAP/BGN/PRDV/CREATE';
    String username2 = 'Name';
    String password2 = 'Passowrd';
    Blob headerValue = Blob.valueOf(username2 + ':' + password2);
    String authorizationHeader = 'BASIC ' + EncodingUtil.base64Encode(headerValue);
    request.setEndpoint(url);
    request.setMethod('POST');
    request.setHeader('Authorization', authorizationHeader);
    request.setTimeout(60000);

    request.setHeader('Content-Type','application/json');
    request.setHeader('proxyPort','50001');
    request.setHeader('proxyHost','PROXYHOST URL');
    request.setHeader('proxySet','true');

    HttpResponse response = httpProtocol.send(request);


Note: The username and password will be filled from a Custom Setting.

I tried with and without the proxy header, I tried changing the BASIC auth to Basic, and I tried many other small changes. None of them worked.

I'm still getting this error.

How can I know if it is not blocked by a firewall?

Any help or idea to solve this issue?

Thanks!
Best Answer chosen by Itru
Kunal Singh Gusain
Hi Itru and John Wheeler,
Salesforce IP addresses and your local IP addresses are two different addresses.
Postman uses your PC's public IP addresses, but when making a callout from Salesforce you need to whitelist the Salesforce instance IP addresses.
Refer to this link: Salesforce IP Addresses and Domains to Allow (https://help.salesforce.com/articleView?id=000321501&type=1&mode=1)

All Answers

prem jonnala 11
It could be an issue with the IP address. Can you ask the web service team to whitelist the Salesforce IP address?
 
Itru
Unfortunately, it's not about the IP address, because I'm using Postman, and I tried my internal network, a public Wi-Fi network and my mobile phone network. All of them succeeded.
jeev tear
This might be because of IP address.
Itru
Hi Jeev,
Can you please see my response to Prem above?
If you still think it is about the IP, can you please explain why it happens with the Salesforce IP but not with other IPs like the mobile network, the public Wi-Fi network and the internal network? All of them have different IP addresses, and it works when I use Postman.
Thanks!
Khan Anas (Salesforce Developers)
Hi Itru,

Greetings to you!

This error happens if your firewall doesn’t allow access to your server where the web service is hosted. Making the firewall changes should fix this issue.

In general, when you see an issue, follow this checklist to troubleshoot the issue:
  • Make sure the firewall settings in your enterprise are configured to allow the inbound web service call.
  • Check whether the certificate is expired or not.
  • Check if your chain of trust has valid certificates.

Also, refer to this link:
https://help.salesforce.com/articleView?id=000321501&type=1&mode=1

I hope it helps you.

Kindly let me know if it helps you and close your query by marking it as solved so that it can help others in the future. It will help to keep this community clean.

Thanks and Regards,
Khan Anas
John Wheeler 27
Has anyone got any updates on this issue? Unfortunately, the replies above regarding checking firewalls do not apply to me (or to the original poster by the looks of it).

My use case is connecting from Salesforce to an AWS Elastic Load Balancer, which is acting as the SSL terminator for the connection before forwarding on to an EC2 instance. I get the same "HTTP/1.1 503 Service Unavailable" error even though the call is logged in the AWS ELB logs, so it's not a firewall issue (AWS security group or network ACL).

We added the IP addresses of the AWS ELB into the SF whitelist, but this didn't fix the problem. (The AWS ELB has a DNS name that resolves to 2 IP addresses.)

Like the OP, sending the identical request (HTTPS POST) via PostMan works without issue.

I suspect that Salesforce is making some specific check on the response that other clients do not, and this is why the request/response fails. Possibly the AWS ELB is responding from a different IP address to the request because the DNS name has 2 IP addresses? Is there any way to whitelist a DNS name rather than IP addresses?

Interestingly, we don't have this issue when sending HTTPS requests from SF to a VM behind a Cisco Netscaler LB. This behaves differently to the AWS ELB, but I don't know the details.

Any suggestions?

Thanks,

John
ManiKumar Gunda 10
Hi John,
Is there any update on this issue? We are also facing the same issue.

Thanks
manikumar
Itru
Hi,
This question has been around for over a year. Sorry I did not update this.
Kunal Singh Gusain is right. When you get "HTTP/1.1 503 Service Unavailable", your call did not reach the destination, because of an internal service for example, so the destination system will need to whitelist your IP.


The issue with whitelisting:
Salesforce's recommendation is to whitelist ALL the IPs and not just your area, which I guess will be like ~1M IP addresses.
The external service won't whitelist such a number (not even 200K for just one region). They want only one IP address, which I guess is not possible.

Anyway, if it's possible to change the settings on their side and check the incoming request and manipulate it,
then my suggestion is to share a key with a value in the request header and encrypt it with a symmetric key like AES256, and give up the whitelisting method, since Salesforce does not guarantee that the IPs will remain the same.

You can read more here:
https://salesforce.stackexchange.com/questions/272639/whitelisting-salesforce-ip-in-external-systems



Unfortunately, I did some wrong tests trying to reach the service at that time, so please ignore my first comments.
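
The shared-key header suggested in the post above, shown in Apex as an added example that is not part of the original thread. The class name, the header name `X-Auth-Token` and the five-minute freshness window are assumptions, and `verify` stands in for the check the external system would run in its own stack.

```apex
// Added example, not code from the thread. Class name, header name and
// freshness window are assumptions chosen for illustration.
public class SharedKeyHeaderAuth {
    static final String HEADER = 'X-Auth-Token';      // hypothetical header name
    static final Long MAX_SKEW_MS = 5 * 60 * 1000;    // accept tokens up to 5 minutes old

    // Sender (Salesforce): encrypt "<epoch ms>|<random nonce>" with the shared
    // AES-256 key and attach it to the callout.
    public static void sign(HttpRequest req, Blob aesKey) {
        String clear = Datetime.now().getTime() + '|' + Crypto.getRandomLong();
        // encryptWithManagedIV generates a random IV and prepends it to the
        // ciphertext, so two tokens never look alike on the wire.
        Blob token = Crypto.encryptWithManagedIV('AES256', aesKey, Blob.valueOf(clear));
        req.setHeader(HEADER, EncodingUtil.base64Encode(token));
    }

    // Receiver logic, written in Apex only to show the check: decrypt with the
    // same key, then reject tokens outside the freshness window.
    public static Boolean verify(String headerValue, Blob aesKey) {
        try {
            Blob token = EncodingUtil.base64Decode(headerValue);
            String clear = Crypto.decryptWithManagedIV('AES256', aesKey, token).toString();
            Long sentAt = Long.valueOf(clear.substringBefore('|'));
            return Math.abs(Datetime.now().getTime() - sentAt) <= MAX_SKEW_MS;
        } catch (Exception e) {
            return false; // wrong key or malformed token
        }
    }
}
```

A 32-byte key can be created once with `Crypto.generateAesKey(256)` and stored outside the code on both sides. The nonce only makes each token unique; a receiver that also needs to reject replays inside the window has to remember the tokens it has already accepted.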
Victor Cazacu 4
Was anyone able to find the root cause for this error? I am getting the same error. Everything works fine from Postman but not from SFDC.
The IPs were whitelisted. The logs were checked on the external system and no requests were received from our SFDC instance. 
How did you resolve the issue in the end?