How to redirect http to https mender-api

Hello,

I have the self-hosted mender running on aws. eg URL: mender.myiotproject.link.

Using https works fine, https://mender.myiotproject.link.
If I try to use http, http://mender.myiotproject.link, I expect the openresty to redirect it to https. But it’s not happening. I looked into the nginx config and see that the config to redirect is already present.

Should I need to configure something additional to redirect http to https for the mender URL?

Thanks & Regards,
Vinoth

Can you give more details as to what redirect address your browser is being handed.

You might want to use curl/wget to get more verbose logging on what’s happening.

Hi,

There’s no setting on my browser.

curl logs:

curl http://mender.iot-gateway-test.de -v

GET / HTTP/1.1
Host: mender.iot-gateway-test.de
User-Agent: curl/7.58.0
Accept: /

I expect the mender API Gateway to accept the http and redirect it to https. But it’s not working.

I am using the mender server 2.4

It seems strange your client is not receiving the redirect header from the server

Its possible there has been a regression, as when I test 2.2 which i’m running i get a correct redirect header sent from the server (ignore the fact i’m running on port 9443)

 curl -v http://<myhost>:9443
 
 Trying <myhost>:9443...
* TCP_NODELAY set
* Connected to <myhost> (<myip>) port 9443 (#0)
> GET / HTTP/1.1
> Host: <myhost>:9443
> User-Agent: curl/7.68.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Server: openresty/1.13.6.2
< Date: Mon, 17 Aug 2020 15:56:46 GMT
< Content-Type: text/html
< Content-Length: 191
< Connection: close
< Location: https://<myhost>:9443/
< Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
< X-Frame-Options: DENY
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store
< Pragma: no-cache
< 
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>openresty/1.13.6.2</center>
</body>
</html>

This is working for me :

curl -v http://myhost:443

I want this to work :
curl -v http://myhost:80

http is redirected to https

I havent tried this, so dont know if it will work but maybe you can add an extra entry in your prod.yml file “80:443” for the api gateway.

Setting “80:80” is working.

just to clarify, you now have it working how you want it?