search

openziti / ngx_ziti_module

An NGINX module that allows OpenZiti to front upstream servers
Apache License 2.0
11 stars 0 forks source link

HTTPS get method does not work successfully #4

Closed dariuszSki closed 1 year ago

dariuszSki commented 1 year ago

I ran get method to 2 different API endpoints with the same result.

NGINX service configs:

ziti myZitiInstaceNameUsedForLogging {
    identity_file /home/ziggy/azure-nginx-01.json;

    bind akssand-d225fb69.4b98eb49-011c-426f-9ce3-edfa150aa84e.privatelink.centralus.azmk8s.io {
        upstream akssand-d225fb69.4b98eb49-011c-426f-9ce3-edfa150aa84e.privatelink.centralus.azmk8s.io:443;
    }

    bind helloworld {
        upstream 10.17.1.114:5000;
    }

    bind 414523ab-69ab-47af-a99d-48467720a1c4.production.netfoundry.io {
        upstream 414523ab-69ab-47af-a99d-48467720a1c4.production.netfoundry.io:443;
    }
}

NGINX Debug logs:


service = 414523ab-69ab-47af-a99d-48467720a1c4.production.netfoundry.io

2022/12/07 23:42:09 [debug] 58552#58559: writing upstream
2022/12/07 23:42:09 [debug] 58552#58559: wrote 239d
2022/12/07 23:42:09 [debug] 58552#58559: writing to client
2022/12/07 23:42:09 [debug] 58552#58559: --wrote 2399d
2022/12/07 23:42:09 [debug] 58552#58559: writing upstream
2022/12/07 23:42:09 [debug] 58552#58559: wrote 94d
2022/12/07 23:42:09 [debug] 58552#58559: writing upstream
2022/12/07 23:42:09 [debug] 58552#58559: wrote 232d
2022/12/07 23:42:09 [debug] 58552#58559: writing to client
2022/12/07 23:42:09 [debug] 58552#58559: --wrote 24d
2022/12/07 23:42:09 [debug] 58552#58559: closing, upstream disconnected
2022/12/07 23:42:09 [debug] 58552#58559: service client thread exited

service = akssand-d225fb69.4b98eb49-011c-426f-9ce3-edfa150aa84e.privatelink.centralus.azmk8s.io

2022/12/07 23:56:35 [debug] 58552#58560: writing upstream
2022/12/07 23:56:35 [debug] 58552#58560: wrote 239d
2022/12/07 23:56:35 [debug] 58552#58560: writing to client
2022/12/07 23:56:35 [debug] 58552#58560: --wrote 2529d
2022/12/07 23:56:35 [debug] 58552#58560: writing upstream
2022/12/07 23:56:35 [debug] 58552#58560: wrote 94d
2022/12/07 23:56:35 [debug] 58552#58560: writing upstream
2022/12/07 23:56:35 [debug] 58552#58560: wrote 256d
2022/12/07 23:56:35 [debug] 58552#58560: writing to client
2022/12/07 23:56:35 [debug] 58552#58560: --wrote 24d
2022/12/07 23:56:35 [debug] 58552#58560: closing, upstream disconnected
2022/12/07 23:56:35 [debug] 58552#58560: service client thread exited

Client Side Responses:

dsliwinski:/mnt/c/Users/dsliwinski/Repos/go-http$ build/ziti-client-resty -n 414523ab-69ab-47af-a99d-48467720a1c4.production.netfoundry.io -i ../sdk-golang/example/build/dariusz-curlz.json -s
2022/12/07 18:42:09 Error: Get "https://414523ab-69ab-47af-a99d-48467720a1c4.production.netfoundry.io": net/http: HTTP/1.x transport connection broken: malformed HTTP response "\x17\x03\x03\x00\x13ї\xa5HH\x1a\xb6\xe0qsD\xf0tZ\xd2F\xb5\xd4\xd6"
2022/12/07 18:42:09 
dsliwinski:/mnt/c/Users/dsliwinski/Repos/go-http$
dsliwinski:/mnt/c/Users/dsliwinski/Repos/go-http$ build/ziti-client-resty -n akssand-d225fb69.4b98eb49-011c-426f-9ce3-edfa150aa84e.privatelink.centralus.azmk8s.io -i ../sdk-golang/example/build/dariusz-curlz.json -s
2022/12/07 18:58:09 Error: Get "https://akssand-d225fb69.4b98eb49-011c-426f-9ce3-edfa150aa84e.privatelink.centralus.azmk8s.io": net/http: HTTP/1.x transport connection broken: malformed HTTP response "\x17\x03\x03\x00\x13Q\xff\fU\x8b\xa9\xa6\x86nR\xbc3gה\xa4{c\x14"
2022/12/07 18:58:09 
dsliwinski:/mnt/c/Users/dsliwinski/Repos/go-http$
dariuszSki commented 1 year ago

It looks like the module uses http instead of https based on the wireshark capture.

dariuszSki commented 1 year ago

I switched to the zde on the client side from the zitified go apps and seems to be working fine. Thus , it means the problem is with the client go app, then the module. Will close this.