-
1. Re: WildFly: reverse proxy with https
ctomc Jan 12, 2015 10:03 AM (in response to idannehl)This *should* work as support for https proxy was added in 8.2 (Undertow 1.1 that is used in 8.2)
any chance you can configure logging to TRACE
- org.wildfly.extension.undertow
- io.undertow
- org.xnio.nio
categories which should show you what exactly is going on
-
2. Re: WildFly: reverse proxy with https
idannehl Jan 13, 2015 3:46 AM (in response to ctomc)I added the TRACE logging and got the following output:
2015-01-13 08:05:00,476 TRACE [io.undertow.request] (default I/O-1) Opened connection with /127.0.0.1:56256
2015-01-13 08:05:00,507 DEBUG [io.undertow.request] (default I/O-1) Failed to connect: java.io.IOException: UT000065: SSL must be specified to connect to a https URL
at io.undertow.client.http.HttpClientProvider.connect(HttpClientProvider.java:90)
at io.undertow.client.UndertowClient.connect(UndertowClient.java:158)
at io.undertow.server.handlers.proxy.ProxyConnectionPool.openConnection(ProxyConnectionPool.java:204)
at io.undertow.server.handlers.proxy.ProxyConnectionPool.connect(ProxyConnectionPool.java:419)
at io.undertow.server.handlers.proxy.LoadBalancingProxyClient.getConnection(LoadBalancingProxyClient.java:277)
at io.undertow.server.handlers.proxy.ProxyHandler$ProxyClientHandler.run(ProxyHandler.java:255)
at io.undertow.util.SameThreadExecutor.execute(SameThreadExecutor.java:35)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:210)
at io.undertow.server.protocol.http.HttpReadListener.handleEventWithNoRunningRequest(HttpReadListener.java:181)
at io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:108)
at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:130)
at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:81)
at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:45)
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) [xnio-api-3.3.0.Final.jar:3.3.0.Final]
at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:291) [xnio-api-3.3.0.Final.jar:3.3.0.Final]
at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:286) [xnio-api-3.3.0.Final.jar:3.3.0.Final]
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) [xnio-api-3.3.0.Final.jar:3.3.0.Final]
at org.xnio.nio.NioTcpServerHandle.handleReady(NioTcpServerHandle.java:53) [xnio-nio-3.3.0.Final.jar:3.3.0.Final]
at org.xnio.nio.WorkerThread.run(WorkerThread.java:539) [xnio-nio-3.3.0.Final.jar:3.3.0.Final]
Where can I configure the SSL for outgoing requests?
Regards
Ines
-
3. Re: Re: WildFly: reverse proxy with https
idannehl Jan 22, 2015 4:24 AM (in response to idannehl)Hi Tomaz,
I debugged WildFly to find out what causes the problem.
I figured out that the Host in the LoadBalancingProxyClient which is used by the ReverseProxyHostService is always created with ssl = null:
org.wildfly.extension.undertow.handlers.ReverseProxyHandlerHost:
ReverseProxyHostService:
@Override
public void start(StartContext startContext) throws StartException {
final LoadBalancingProxyClient client = (LoadBalancingProxyClient) proxyHandler.getValue().getProxyClient();
try {
client.addHost(new URI(name), instanceId);
} catch (URISyntaxException e) {
throw new StartException(e);
}
}
io.undertow.server.handlers.proxy.LoadBalancingProxyClient:
public synchronized LoadBalancingProxyClient addHost(final URI host, String jvmRoute) {
return addHost(host, jvmRoute, null);
}
public synchronized LoadBalancingProxyClient addHost(final URI host, String jvmRoute, XnioSsl ssl) {
Host h = new Host(jvmRoute, null, host, ssl, OptionMap.EMPTY);
...
}
This causes the execption.
It seems that the scheme "https" for the reverse proxy is not yet supported in WildFly 8.2.0.Final.
I found no way to configure the ssl for the reverse proxy host in standalone.xml.
When will this be implemented?
Kind regards
Ines
-
4. Re: WildFly: reverse proxy with https
gipathak Jan 23, 2019 8:53 PM (in response to idannehl)Hi Ines, I also having similar problem , I am using "wildfly12 undertow load balancer" with scheme "https" but still getting "503 - Service Unavailable" . I am getting the following error: ERROR [io.undertow.proxy] (default I/O-3) UT005028: Proxy request to /auth failed: java.nio.channels.ClosedChannelException at io.undertow.client.http.HttpClientConnection$5.handleEvent(HttpClientConnection.java:188) at io.undertow.client.http.HttpClientConnection$5.handleEvent(HttpClientConnection.java:167) at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) at org.xnio.StreamConnection.invokeCloseListener(StreamConnection.java:80) at org.xnio.Connection.writeClosed(Connection.java:117) at io.undertow.protocols.ssl.UndertowSslConnection.writeClosed(UndertowSslConnection.java:145) at io.undertow.protocols.ssl.SslConduit.notifyWriteClosed(SslConduit.java:588) at io.undertow.protocols.ssl.SslConduit.closed(SslConduit.java:996) at io.undertow.protocols.ssl.SslConduit.close(SslConduit.java:1092) at io.undertow.protocols.ssl.SslConduit.doUnwrap(SslConduit.java:803) at io.undertow.protocols.ssl.SslConduit.doHandshake(SslConduit.java:648) at io.undertow.protocols.ssl.SslConduit.access$900(SslConduit.java:63) at io.undertow.protocols.ssl.SslConduit$5$1.run(SslConduit.java:1059) at org.xnio.nio.WorkerThread.safeRun(WorkerThread.java:612) at org.xnio.nio.WorkerThread.run(WorkerThread.java:479) Could you please help me on this , how you resolved your problem ?