nifi-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From skunky <leoa...@gmail.com>
Subject Re: Nifi 1.0.0 - HTTPS
Date Fri, 21 Oct 2016 11:54:29 GMT
Hi,
Thanks for help !
   I didn't map any path of nifi. I just have a ssl termination on a load
balancer ( haproxy in this case) that forward all req. that at commint to
it's frontentd ( https:444 ) to the ip of the nifi instance ( which is
http:8080). 
   So user browser hits  https://balancer_ip:444  that forwards to
http://nifi_ip:8080.
The problem is at some point, the url becomes http ( and browser interrupts
conbection because of "mixed content" ). 
   That's why I think I need to have the whole nifi stream over ssl. Just to
have the same ssl type content, not a mixed one.

Here, I posted the nifi part of haproxy conf :

## NIFI SSL ##
frontend nifissl
    mode http
    bind *:444 ssl crt cert.pem
    reqadd X-Forwarded-Proto:\ https
    reqadd X-Forwarded-Proto:\ http
    redirect scheme https if !{ ssl_fc }
    capture request header origin len 128
    http-response add-header Access-Control-Allow-Origin
%[capture.req.hdr(0)] if { capture.req.hdr(0) -m found }
    rspadd Access-Control-Allow-Headers:\ Origin,\ X-Requested-With,\
Content-Type,\ Accept  if { capture.req.hdr(0) -m found }
    default_backend srv1

backend nifissl-centos
    balance roundrobin
    server srv1 x.x.x.x:8080 check




--
View this message in context: http://apache-nifi-developer-list.39713.n7.nabble.com/Nifi-1-0-0-HTTPS-tp13683p13685.html
Sent from the Apache NiFi Developer List mailing list archive at Nabble.com.

Mime
View raw message