Cannot access https server via tunnel

microsoft / dev-tunnels

Dev Tunnels SDK

MIT License

297 stars 21 forks source link

Cannot access https server via tunnel #409

Closed oclipa closed 8 months ago

oclipa commented 8 months ago

I am running an HTTPS service locally, which I can access successfully on https://localhost:6001 (using Postman). If I expose this service via a tunnel and then try to access it via the tunnel URL (e.g. https://abcdefgh-6001.euw.devtunnels.ms), the connection fails with a 502 Bad Gateway and the server reports "Failed to authenticate HTTPS connection." and "Cannot determine the frame size or a corrupted frame was received.".

If I run the diagnostic server (devtunnel echo http -p 6001) the connection via the tunnel works just fine.

Do you have any idea what the problem may be? What might I do to investigate this further?

derekbekoe commented 8 months ago

When hosting, you can specify --protocol https. See examples in https://learn.microsoft.com/en-us/azure/developer/dev-tunnels/cli-commands#host-a-dev-tunnel. Does that help?

oclipa commented 8 months ago

Yes, thanks, that worked. Having said that, it appears that I cannot use the --protocol option if I include a host id in the host command, e.g.:

C:\Users\Me> devtunnel --protocol https --port-numbers 6001 host blue-boat-619x1t7
'--protocol' was not matched. Did you mean '--protocol'?
'--port-numbers' was not matched. Did you mean '--port-numbers'?
Unrecognized command or argument '--protocol'
Unrecognized command or argument 'https'
Unrecognized command or argument '--port-numbers'
Unrecognized command or argument '6001'

Am I missing something?

Also, it appears that once I create a host, it doesn't always get persisted (devtunnel list returns an empty list). Is that to be expected?

derekbekoe commented 8 months ago

It should be devtunnel host blue-boat-619x1t7 --protocol https --port-numbers 6001. Does that work?

Also, it appears that once I create a host, it doesn't always get persisted (devtunnel list returns an empty list). Is that to be expected?

If you want to keep the same tunnel, you can use:

devtunnel create mytunnel
devtunnel port create mytunnel -p 6001 --protocol https
devtunnel host mytunnel

oclipa commented 8 months ago

Thanks again. If run a command similar to devtunnel host blue-boat-619x1t7 --protocol https --port-numbers 6001, I get the following error:

Tunnel service error: Invalid arguments. Batch update of ports is not supported. Add, update, or delete ports individually instead.

derekbekoe commented 8 months ago

You're right - that command as it doesn't work. Sorry about that!

However, you can achieve it with the other commands I mentioned above where you create the tunnel first, create a port on the tunnel with protocol https and finally, host it.

oclipa commented 8 months ago

Yes, we now have the tunnel working successfully. Thanks for the help