Mixed content loaded over HTTPS with HAProxy after adding SSL Cert

I’m getting the following error after adding an SSL Cert to my haproxy configuration:

Mixed Content: The page at 'https://rancher.abc.com/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://rancher.abc.com/v2-beta/identities?limit=-1&sort=name'. This request has been blocked; the content must be served over HTTPS.

I’ve tried multiple things to workaround this. Any ideas why this is happening? Pertinent information below

Rancher Versions:

CATTLE_DB_CATTLE_DATABASE=mysql
CATTLE_DB_CATTLE_MYSQL_HOST=localhost
CATTLE_DB_CATTLE_MYSQL_NAME=cattle
CATTLE_DB_CATTLE_MYSQL_PORT=3306
CATTLE_DB_CATTLE_USERNAME=cattle
CATTLE_GRAPHITE_HOST=
CATTLE_GRAPHITE_PORT=
CATTLE_HOME=/var/lib/cattle
CATTLE_HOST_API_PROXY_MODE=embedded
CATTLE_LOGBACK_OUTPUT_GELF_HOST=
CATTLE_LOGBACK_OUTPUT_GELF_PORT=
CATTLE_RANCHER_CLI_VERSION=v0.4.1
CATTLE_RANCHER_COMPOSE_VERSION=v0.12.2
CATTLE_RANCHER_SERVER_IMAGE=rancher/server
CATTLE_RANCHER_SERVER_VERSION=v1.4.0
CATTLE_USE_LOCAL_ARTIFACTS=true

Docker Version:
1.2.5

OS version:
CentOS Linux release 7.3.1611 (Core) on VMWare

Setup Details:
Single node rancher

Environment Type:
Cattle

Steps to Reproduce

First run:

sudo docker run -d --restart=unless-stopped --name=rancher-server -v /data/rancher:/var/lib/rancher -p 127.0.0.1:8080:8080 rancher/server

Install HA-Proxy version 1.5.18 2016/05/10 and configure access over HTTP

Open web console and configure LDAP connectivity successfully

Update haproxy.cfg to allow SSL:

global
  maxconn 4096
  ssl-server-verify none

defaults
  mode http
  balance roundrobin
  option redispatch
  option forwardfor

  timeout connect 5s
  timeout queue 5s
  timeout client 36000s
  timeout server 36000s

frontend http-in
  mode tcp
  bind *:443 ssl crt /etc/haproxy/rancher-cert.pem
  default_backend rancher_servers

  acl is_websocket hdr(Upgrade) -i WebSocket
  acl is_websocket hdr_beg(Host) -i ws
  use_backend rancher_servers if is_websocket

backend rancher_servers
  server websrv1 127.0.0.1:8080 weight 1 maxconn 1024

Restart haproxy and attempt to login again resulting in aforementioned error.

1 Like