Re: Origin router and X-Forwarded-For

Hi, we have update the router wildcard certificate and we have re-created the route and now the certificate works fine. Thanks for the support, Marcello On Mon, Oct 23, 2017 at 9:53 PM, Aleksandar Lazic wrote: > Hi Marcello. > > on Mittwoch, 18. Oktober 2017 at 10:32 was

Re: Origin router and X-Forwarded-For

Hi Marcello. on Mittwoch, 18. Oktober 2017 at 10:32 was written: > Hi Aleks, > I already configured the 4 values and if I miss the intermediate CA > into the destinationCACertificate field the Origin GUI shows to me a > warning related to the certificate. The export of the command is : Are

Re: Origin router and X-Forwarded-For

Hi Aleks, I already configured the 4 values and if I miss the intermediate CA into the destinationCACertificate field the Origin GUI shows to me a warning related to the certificate. The export of the command is : apiVersion: v1 kind: Route metadata: creationTimestamp: null name:

Re: Origin router and X-Forwarded-For

Hi Marcello. on Dienstag, 17. Oktober 2017 at 09:11 was written: > Hi, > I'm using a re-encrypt configuration to preserve the x-forwrded-for > information. The configuration is: > > Name:                   callcentergw-dev-external > Namespace:              dev-shared > Created:                

Re: Origin router and X-Forwarded-For

Hi, I'm using a re-encrypt configuration to preserve the x-forwrded-for information. The configuration is: Name: callcentergw-dev-external Namespace: dev-shared Created:17 hours ago Labels: Annotations: Requested Host:

Re: Origin router and X-Forwarded-For

Hi Marcello. on Montag, 16. Oktober 2017 at 15:23 was written: > Hi, > I have tried it and it worked fine but the problem is override the > default wildcard certificate and configure a different certificate, > because it's not possible to configure the intermediate CA chain into > the admin

Re: Origin router and X-Forwarded-For

Hi, I have tried it and it worked fine but the problem is override the default wildcard certificate and configure a different certificate, because it's not possible to configure the intermediate CA chain into the admin panel. I tried to configure the CA cert with the root CA and the subordinate CA

Re: Origin router and X-Forwarded-For

Title: Re: Origin router and X-Forwarded-For Hi Marcello Lorenzi. have you used -servername in s_client? The ssl solution is based on sni ( https://en.wikipedia.org/wiki/Server_Name_Indication ) Regards Aleks on Donnerstag, 12. Oktober 2017 at 13:02 was written: Hi All, thanks

Re: Origin router and X-Forwarded-For

Hi All, thanks for the response and we checked the configuration. If I tried to check the certificated propagate with the passthrough configuration with openssl s_client and the certificate provided is the wilcard domain certificate and not the pod itself. Is it normal? Thanks, Marcello On Thu,

Re: Origin router and X-Forwarded-For

Title: Re: Origin router and X-Forwarded-For Hi. Additionally to joel suggestion can you also use reencrypted route if you want to talk encrypted with apache webserver. https://docs.openshift.org/3.6/architecture/networking/routes.html#re-encryption-termination Regards Aleks on Mittwoch, 11

Re: Origin router and X-Forwarded-For

Sorry I meant it say, it *cannot modify the http request in any way. On Thu, 12 Oct 2017 at 12:51 am, Joel Pearson wrote: > Hi Marcelo, > > If you use Passthrough termination then that means that OpenShift cannot > add the X-Forwarded-For header, because as the

Re: Origin router and X-Forwarded-For

Hi Marcelo, If you use Passthrough termination then that means that OpenShift cannot add the X-Forwarded-For header, because as the name suggests it is just passing the packets through and because it’s encrypted it can modify the http request in anyway. If you want X-Forwarded-For you will need

Origin router and X-Forwarded-For

Hi All, we tried to configure a route on Origin 3.6 with a Passthrough termination to an Apache webserver present into a single POD but we can't notice the X-Forwarded-Header to Apache logs. We tried to capture it without success. Could you confirm if there are some method to extract it from the