Hi Thomas,
thank you for your response!
I have tried your approach and set the host of the admin_host virtual host
to my routers name called "sls-coba-was-admin-sls-coba-
berlin-ffm.10.0.75.2.nip.io" and pointed it to the ports 9043, 9060, 443,
80
Furthermore, I have set the router to use TLS Termination "Passthrought"
with Insecure Traffic "Redirect":
However, the approach doesn't work and I get the following error that a
virtualhost to handle / has not been defined.
It seems that no virtual host could be found because the admin console
listens only on the path /ibm/console/login.do, which I cannot set if I use
the TLS termination passthrough.
Therefore, I tried TLS Termination "Edge" with Insecure Traffic "Allow"
after that in order to set the router path to "/ibm/console/login.do".
However, when I do that, I get the 502 Bad Gateway error:
I'm using the IBM WebSphere Application Server on OpenShift with security
settings enabled, but using a self-signed certificate (which is the default
settings for IBM WebSphere application server). Therefore, the port 9443
should be used since the connection was successful when I tried IBM
WebSphere application server running on Docker for Windows only.
The outputs of the oc describe commands looks at follows:
$ oc describe routes
Name: sls-coba-was-admin
Namespace: sls-coba-berlin-ffm
Created: 2 days ago
Labels: application=sls-coba
Annotations: openshift.io/host.generated=true
Requested Host: sls-coba-was-admin-sls-coba-
berlin-ffm.10.0.75.2.nip.io
exposed on router router 2 days ago
Path: /ibm/console/login.do
TLS Termination: edge
Insecure Policy: Allow
Endpoint Port: <all endpoint ports>
Service: sls-coba-was-admin
Weight: 100 (100%)
Endpoints: 172.17.0.5:9043
$ oc describe svc
Name: sls-coba-was-admin
Namespace: sls-coba-berlin-ffm
Labels: app=sls-coba-was
application=sls-coba
Annotations: <none>
Selector: deploymentconfig=sls-coba-was
Type: ClusterIP
IP: 172.30.203.107
Port: <unset> 9043/TCP
TargetPort: 9043/TCP
Endpoints: 172.17.0.5:9043
Session Affinity: None
Events: <none>
Is there any other solution to resolve this?
Do I have to add the self-signed certificate from WebSphere to the
OpenShift router?
Is maybe the handshaking process failing because the TLS Termination "Edge"
and the settings are not set right?
I would be very thankful if you could help us with this problem.
Regards,
Tien
>
>
_______________________________________________
users mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
