HTTPS termination ahead of MongoDB charts 19.2.1 container

Hello,

I have installed MongoDB Charts on an ECS container and in front of that,
i have a cloudfront that terminate the SSL connection an redirect traffic over HTTP on my container.

I can access to the login page but as soon as i’m trying to login, I’m getting this error:

(TRANSPORT_ERROR): the request transport encountered an error communicating with Stitch: Network request failed

By looking to queries send by browser, i can see that a kind of metadatas pre-fetch query on
https://<mydomain>/api/client/v2.0/app/<App-id>/location is launched, but is gives back an hostname with http protocol over https:
{"deployment_model":"GLOBAL","location":"US-VA","hostname":"http://<mydomain>"}

Then the preflight (OPTIONS) query is launched but ober http, so the browser raise an “Mixed Content” error

Can someone help me to figure out why it returns this hostname ? and how to make it works ?

PS: I need to terminate SSL connection ahead the container so i can’t configure HTTPS on MongoDB Charts web server with CHARTS_HTTPS_CERTIFICATE* variables.

2 Likes

Hi Nicolas,

Charts respects any of these headers to determine if it needs to make the hostname HTTPS:

X-Forwarded-Proto: https
Front-End-Https: on
X-Forwarded-Protocol: https
X-Forwarded-Ssl’: on
X-Url-Scheme: https

You should be able to set these headers either by changing the Origin Protocol Policy, or in a pinch, via Origin Custom Headers.

3 Likes

Hi Nathan,

I added X-Url-Scheme header to my Origin Custom Headers and it works, thank you so much !

Hi
Before you can configure HTTPS for your MongoDB Charts web server, you must first obtain an SSL key and certificate from an appropriate certification authority. Instructions for obtaining an SSL key and providing a list of trusted certificate authorities

https://docs.mongodb.com/charts/current/administration/configure-https-deployment/

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.