Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1058840 - Issues with secure websockets
Summary: Issues with secure websockets
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: OpenShift Online
Classification: Red Hat
Component: Containers
Version: 2.x
Hardware: Unspecified
OS: Unspecified
low
low
Target Milestone: ---
: ---
Assignee: Rory Thrasher
QA Contact: libra bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-01-28 15:40 UTC by Nikhil Mone
Modified: 2018-12-09 17:27 UTC (History)
12 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-05-31 18:22:11 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description Nikhil Mone 2014-01-28 15:40:31 UTC
Description of problem:

For requests made  on port 8443, the proxy server is always using the *.rhcloud.com SSL certificate, even for apps which have custom SSL certs


Version-Release number of selected component (if applicable):


How reproducible:

# curl -I -N -H "Connection: Upgrade" -H "Upgrade: websocket" -H "Host: www.abc.com" https://www.abc.com:8443
curl: (51) Unable to communicate securely with peer: requested domain name does not match the server's certificate.


Steps to Reproduce:
1.
2.
3.

Actual results:

the proxy server is always using the *.rhcloud.com SSL certificate

Expected results:

It should use the custom certificate associated with app.

Additional info:

Comment 1 Mrunal Patel 2014-01-30 01:26:32 UTC
This hasn't been implemented yet. I have added a card to track this feature request.

https://trello.com/c/YXoKyA8d/399-add-custom-ssl-support-for-node-web-proxy

Comment 4 Josep 'Pep' Turro Mauri 2014-12-03 11:37:52 UTC
(In reply to Kenjiro Nakayama from comment #3)
> Looks same with https://bugzilla.redhat.com/show_bug.cgi?id=1160380

Yes. And from that bz, the "new" trello card is here:

https://trello.com/c/EzMdQCQn/571-add-per-app-ssl-certificate-support-to-the-nodejs-websocket-frontend-plugin

Comment 6 Mrunal Patel 2015-12-14 23:16:49 UTC
Eric Jones,
I don't see the card either. We need a new card for this as it hasn't been implemented yet.

Comment 14 paulrbr 2017-04-01 23:48:33 UTC
Hello,

I have been wondering why I can't reach my custom domain secured websocket until I found this open bug.

Is there any possibility to fix this on Openshift Online? Do you know if thus will be fixed one day?

Thanks for the help,

Comment 15 Eric Paris 2017-05-31 18:22:11 UTC
We apologize, however, we do not plan to address this report at this time. The majority of our active development is for the v3 version of OpenShift. If you would like for Red Hat to reconsider this decision, please reach out to your support representative. We are very sorry for any inconvenience this may cause.


Note You need to log in before you can comment on or make changes to this bug.