If you have a chance, open up the Developer Tools in your browser and check out the response coming back from the server. Add a processor to your canvas and the response will contain an entry like this
uri:" https://localhost:8443/nifi-api/processors/e82c44e1-0157-1000-73be-f709aa402a30 " This URI is how subsequent actions for this processor will be requested. This URI is generated using the incoming request (from the proxy in your scenario) but can be overridden. If this URI is the scheme/host/port of the back-end instance and not the proxy you should try adding those headers I outlined in my previous message to see if it helps. Matt On Fri, Oct 21, 2016 at 7:54 AM, skunky <leoa...@gmail.com> wrote: > Hi, > Thanks for help ! > I didn't map any path of nifi. I just have a ssl termination on a load > balancer ( haproxy in this case) that forward all req. that at commint to > it's frontentd ( https:444 ) to the ip of the nifi instance ( which is > http:8080). > So user browser hits https://balancer_ip:444 that forwards to > http://nifi_ip:8080. > The problem is at some point, the url becomes http ( and browser interrupts > conbection because of "mixed content" ). > That's why I think I need to have the whole nifi stream over ssl. Just > to > have the same ssl type content, not a mixed one. > > Here, I posted the nifi part of haproxy conf : > > ## NIFI SSL ## > frontend nifissl > mode http > bind *:444 ssl crt cert.pem > reqadd X-Forwarded-Proto:\ https > reqadd X-Forwarded-Proto:\ http > redirect scheme https if !{ ssl_fc } > capture request header origin len 128 > http-response add-header Access-Control-Allow-Origin > %[capture.req.hdr(0)] if { capture.req.hdr(0) -m found } > rspadd Access-Control-Allow-Headers:\ Origin,\ X-Requested-With,\ > Content-Type,\ Accept if { capture.req.hdr(0) -m found } > default_backend srv1 > > backend nifissl-centos > balance roundrobin > server srv1 x.x.x.x:8080 check > > > > > -- > View this message in context: http://apache-nifi-developer- > list.39713.n7.nabble.com/Nifi-1-0-0-HTTPS-tp13683p13685.html > Sent from the Apache NiFi Developer List mailing list archive at > Nabble.com. >
