By: Kunal Shah user 02 Aug 2018 at 6:09 a.m. CDT

5 Responses
I installed Gluu Server on Google Cloud Platform, CentOS 7, 2 cores, 4 GB RAM. Installation was successful. I have a firewall rule set in CentOS 7 that redirects any request to port 80 to 443. After installation, when I tried to browse the hostname via https (https://penguin.kunalshah.local), it showed me a self-signed cert error in Google Chrome. I proceeded and it redirected me to http://penguin.kunalshah.local/identity/login - now here I have a problem. I am receiving error 400 in the browser: "Bad Request. Your browser sent a request that this server could not understand. Reason: You're speaking plain HTTP to an SSL-enabled server port. Instead use the HTTPS scheme to access this URL, please." I am not able to understand why it is hardcoded to use http, especially when I am using https to browse and port 80 is redirected to 443. Is there a way to fix this? Gluu Server version is 3.1.3. Thanks in advance.

By Thomas Gasmyr Mougang staff 02 Aug 2018 at 7:19 a.m. CDT

Hi, **make sure to open ports 443 and 8080 under the Firewall rules section in GCE Admin**. Test with another computer and try to use a cert signed by a CA (https://letsencrypt.org/). Thanks.

By Kunal Shah user 02 Aug 2018 at 7:33 a.m. CDT

Hi, why do we need 8080? And is there no problem with the self-signed cert? Why shouldn't self-signed not work? As per the document, a request coming to port 80 should be redirected to 443. What about 8080? Do we need that forwarding to 443 too? I tried with a different computer and got the same result.

By Thomas Gasmyr Mougang staff 02 Aug 2018 at 8:13 a.m. CDT

> why do we need 8080?

I mean 80. You have to open both 80 and 443.

By Kunal Shah user 02 Aug 2018 at 8:24 a.m. CDT

Hi, it didn't work. I have 443 and 80 opened on my GCP firewall. Additionally, on the server I have these firewalld settings.

```
[root@gluu-server ~]# firewall-cmd --get-active-zones
trusted
  interfaces: eth0
[root@gluu-server ~]# firewall-cmd --zone=trusted --permanent --list-all
trusted
  target: ACCEPT
  icmp-block-inversion: no
  interfaces:
  sources:
  services: mosh https http
  ports: 8080/tcp 8080/udp
  protocols:
  masquerade: no
  forward-ports: port=80:proto=tcp:toport=443:toaddr=
  source-ports:
  icmp-blocks:
  rich rules:
[root@gluu-server ~]#
```

But still, I get the same issue. However, it seems to be a firewall issue, because if I stop the firewalld service, I am able to browse. Since this server is on the cloud, our system admin wants to lock it down except for necessary ports. So what am I missing? Which port needs to be open?
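
An added check, not part of the original thread or of Gluu's documentation: it scans `firewall-cmd --list-all` output for forward-port rules that rewrite a plaintext HTTP port onto a TLS port. Such a rule only changes the destination port, so unencrypted requests reach the HTTPS listener, which answers with the "speaking plain HTTP to an SSL-enabled server port" error quoted in the thread. The function name, the port lists and the embedded sample (constructed from the output posted above) are assumptions.

```shell
#!/bin/sh
# Added example: flag firewalld forward-port rules that send a plaintext
# HTTP port to a TLS port. The kernel only rewrites the destination port;
# it does not add TLS, so the HTTPS listener receives plain HTTP.

# Assumed port lists (not from the thread); adjust for your services.
PLAIN_PORTS="80 8080"
TLS_PORTS="443 8443"

# Constructed sample, copied from the `--list-all` output posted in the thread.
SAMPLE_LIST_ALL='trusted
  target: ACCEPT
  services: mosh https http
  ports: 8080/tcp 8080/udp
  masquerade: no
  forward-ports: port=80:proto=tcp:toport=443:toaddr=
  source-ports:'

# stdin:  output of `firewall-cmd --zone=<zone> --list-all`
# stdout: one "from->to/proto" line per plaintext-to-TLS forward rule
find_plain_to_tls_forwards() {
    awk -v plain="$PLAIN_PORTS" -v tls="$TLS_PORTS" '
    BEGIN {
        n = split(plain, a, " "); for (j = 1; j <= n; j++) P[a[j]] = 1
        n = split(tls, b, " ");   for (j = 1; j <= n; j++) T[b[j]] = 1
    }
    {
        # Rules may sit on the forward-ports line or on continuation lines.
        for (i = 1; i <= NF; i++) {
            if ($i !~ /^port=[0-9]+:proto=[a-z]+:toport=[0-9]*:toaddr=/) continue
            split($i, kv, ":")
            from  = substr(kv[1], 6)   # after "port="
            proto = substr(kv[2], 7)   # after "proto="
            to    = substr(kv[3], 8)   # after "toport="
            if ((from in P) && (to in T)) print from "->" to "/" proto
        }
    }'
}

# Stand-alone run over the sample; on a live host pipe firewall-cmd output in.
printf '%s\n' "$SAMPLE_LIST_ALL" | find_plain_to_tls_forwards
```

A flagged rule is a candidate for removal in favour of opening port 80 and letting the web server issue the HTTP-to-HTTPS redirect itself.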

By Thomas Gasmyr Mougang staff 06 Aug 2018 at 1:07 a.m. CDT

Hi, Open the 8080 port also and test it. Your system admin should check the firewall config and make sure they are applied on the right services/zones.

By Thomas Gasmyr Mougang staff 08 Aug 2018 at 1:59 a.m. CDT

Hi, Still need assistance on this ticket?