https://kotlinlang.org logo
#ktor
Title
# ktor
h

Helio

08/31/2020, 10:33 PM
Hello guys! I was wondering if someone could give me a hand configuring a proxy using Ktor with CIO engine. I’ve been struggling to get it worked… I’m constantly receiving exceptions such as:
j

jorge.rego

08/31/2020, 11:13 PM
Did you try to use a Nginx instance to deal with certificate? there are some docker containers that will handle everything, removing and attaching certificate, autorenew on expiration… Have a look here, maybe this can help on getting rid of TLS at server level. https://github.com/nginx-proxy/nginx-proxy
h

Helio

08/31/2020, 11:14 PM
hello @jorge.rego, thanks for trying to help. As far as I’m aware we do have it.
The main problem I noticed is that. Our proxy needs to receive a request using the port 8080 and to endpoint needs to be made under the port 443 (https). Example. curl -v -x my-proxy.net.domain.com:8080 https://my-staging.app.net
I’m inclined to say that this is a bug with CIO Engine. I tested with the Apache Engine and it’s working. I will probably try to raise an issue or PR to fix it.
j

jorge.rego

09/01/2020, 11:17 AM
So you cannot use 443 as Nginx external port? Did you try to use 8080 ssl in Nginx config? If you cannot use 8080 as ssl in Nginx, did you try to redirect from 8080 -> 443 at Nginx level? I hope this helps, I’m not the biggest expert in Nginx and reverse proxy… https://serverfault.com/questions/750334/nginx-accept-http-https-requests-on-two-different-ports
h

Helio

09/01/2020, 10:01 PM
My take from the problem was. I need to make the request to the proxy using HTTP Protocol, whereas to the endpoint URL it needs to be HTTPS. However, when using CIO engine, no matter what, the request will be done using the same protocol for both. That was my take
j

jorge.rego

09/03/2020, 12:15 PM
What I did was to setup TLS handling in Nginx, so all the requests are done through HTTPS. Then Nginx removes TLS after verifying certificate, redirects request without TLS to the specific server and when response comes back from your server, it attaches TLS again. So you don’t need to worry about TLS at server level. You can check how to do it by looking for Nginx reverse proxy with TLS. I hope this helps.
h

Helio

09/03/2020, 10:03 PM
I will take a look on what you said. Thanks heaps @jorge.rego!
👍 1