I’m getting the following error after adding an SSL Cert to my haproxy configuration:
Mixed Content: The page at 'https://rancher.abc.com/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://rancher.abc.com/v2-beta/identities?limit=-1&sort=name'. This request has been blocked; the content must be served over HTTPS.
I’ve tried multiple things to workaround this. Any ideas why this is happening? Pertinent information below
Rancher Versions:
CATTLE_DB_CATTLE_DATABASE=mysql
CATTLE_DB_CATTLE_MYSQL_HOST=localhost
CATTLE_DB_CATTLE_MYSQL_NAME=cattle
CATTLE_DB_CATTLE_MYSQL_PORT=3306
CATTLE_DB_CATTLE_USERNAME=cattle
CATTLE_GRAPHITE_HOST=
CATTLE_GRAPHITE_PORT=
CATTLE_HOME=/var/lib/cattle
CATTLE_HOST_API_PROXY_MODE=embedded
CATTLE_LOGBACK_OUTPUT_GELF_HOST=
CATTLE_LOGBACK_OUTPUT_GELF_PORT=
CATTLE_RANCHER_CLI_VERSION=v0.4.1
CATTLE_RANCHER_COMPOSE_VERSION=v0.12.2
CATTLE_RANCHER_SERVER_IMAGE=rancher/server
CATTLE_RANCHER_SERVER_VERSION=v1.4.0
CATTLE_USE_LOCAL_ARTIFACTS=true
Docker Version:
1.2.5
OS version:
CentOS Linux release 7.3.1611 (Core) on VMWare
Setup Details:
Single node rancher
Environment Type:
Cattle
Steps to Reproduce
First run:
sudo docker run -d --restart=unless-stopped --name=rancher-server -v /data/rancher:/var/lib/rancher -p 127.0.0.1:8080:8080 rancher/server
Install HA-Proxy version 1.5.18 2016/05/10 and configure access over HTTP
Open web console and configure LDAP connectivity successfully
Update haproxy.cfg to allow SSL:
global
maxconn 4096
ssl-server-verify none
defaults
mode http
balance roundrobin
option redispatch
option forwardfor
timeout connect 5s
timeout queue 5s
timeout client 36000s
timeout server 36000s
frontend http-in
mode tcp
bind *:443 ssl crt /etc/haproxy/rancher-cert.pem
default_backend rancher_servers
acl is_websocket hdr(Upgrade) -i WebSocket
acl is_websocket hdr_beg(Host) -i ws
use_backend rancher_servers if is_websocket
backend rancher_servers
server websrv1 127.0.0.1:8080 weight 1 maxconn 1024
Restart haproxy and attempt to login again resulting in aforementioned error.