SSL Termination and Proxying HTTP to Rundeck

[Chris Carter]

Hi there,

We run our management environment behind a series of HAProxy servers, which in turn live behind some AWS Load Balancers that terminate HTTP.  I'm trying to get proxying from our HAProxy instances working to Rundeck 2.0.0-alpha1 using an external SSL URL, but internally just passing everything down as HTTP.  When I set everything up to run as localhost in the Rundeck configuration, RD works fine (accessing it on the local network).  However, the minute I update configuration to use the external SSL URL, I get a 503 error and a "No server is available to handle this request." error from Rundeck.  Is there something else I need to configure to make this work?  Here's what our configuration looks like:

framework.properties

===========================

framework.server.name = rundeck.ourdomain.us

framework.server.hostname = rundeck.ourdomain.us

framework.server.port = 4440

framework.server.url = https://rundeck.ourdomain.us

rundeck-config.properties

============================

grails.serverURL=https://rundeck.ourdomain.us

I've also tried changing the https to http in those configuration files, and just accessing the server via straight http (no https termination) to see if the SSL was the issue, but no luck.

I'm completely stumped as to what else I can do to get this working, and unfortunately don't have any experience with Grails.  Any suggestions as to where I can look next?

Chris

[Chris Carter]

FYI - the 503 error was caused by faulty HAProxy configuration, not by Rundeck.  With that fixed, almost everything works as expected, save one thing: logouts and inital connections to the root URL attempt to redirect to a non-SSL version of the server URL for some reason.  Any ideas on how to remedy that?

[Etienne Pelletier]

I solved the problem by enabling SSL on the server itself in addition to the load balancer. I have mine behind an EC2 load balancer as well (no HAProxy servers). It's working quite well this way.