[Backlogmanager] [FIWARE-JIRA] (HELP-9411) [fiware-stackoverflow] Orion and Rush - HTTPS notifications over port 443

Fernando Lopez (JIRA) jira-help-desk at jira.fiware.org
Fri Jun 2 08:58:00 CEST 2017

Previous message: [Backlogmanager] [FIWARE-JIRA] (HELP-9409) [fiware-stackoverflow] Rush installation and integration with Orion Context Broker
Next message: [Backlogmanager] [FIWARE-JIRA] (HELP-9413) [fiware-stackoverflow] SpagoBI: End user customized web page
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

     [ https://jira.fiware.org/browse/HELP-9411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Fernando Lopez deleted HELP-9411:
---------------------------------


> [fiware-stackoverflow] Orion and Rush - HTTPS notifications over port 443
> -------------------------------------------------------------------------
>
>                 Key: HELP-9411
>                 URL: https://jira.fiware.org/browse/HELP-9411
>             Project: Help-Desk
>          Issue Type: Monitor
>            Reporter: Backlog Manager
>              Labels: fiware, fiware-orion
>
> Created question in FIWARE Q/A platform on 08-09-2015 at 13:09
> {color: red}Please, ANSWER this question AT{color} https://stackoverflow.com/questions/32457050/orion-and-rush-https-notifications-over-port-443
> +Question:+
> Orion and Rush - HTTPS notifications over port 443
> +Description:+
> I have been trying to set up an Orion instance which would support subscription notifications to HTTPS (using Rush), but the handling of this seems to be a bit incorrect. Setting the notification url to e.g. https://www.example.com/path/ ends up at Rush as www.example.com:443/path/.
> This is unsafe and not up to standards, as such a request could actually avoid https by using the same port over http. In our company we have a proxy set up which refuses such requests as "Bad Request: You're speaking plain HTTP to an SSL-enabled server port". The same error comes up in the Rush consumer output, while direct curl requests to Rush without the port work ok. See this discussion for another argument that the current requests are incorrect: https://security.stackexchange.com/questions/46015/speaking-plain-http-over-an-ssl-enabled-server-port. Google refuses such requests as well.
> Our proxy is set up to redirect any http requests to https, but these do not work either, as Rush does not seem to follow the redirects.
> How can we avoid this issue? Modifying our proxy would be unsafe and not following standards, changing Orion would require recompiling from sources and changing Rush to remove the port would be a bit hacky. Any changes (like adding the port or removing/changing the protocol) to the notification URL do not help.
> EDIT: The command to run Orion was:
> /usr/bin/contextBroker -port 1026 -logDir /var/log/contextBroker -pidpath /var/log/contextBroker/contextBroker.pid -dbhost localhost -db orion -rush localhost:5001
> Rush (v 1.8.3) was installed with default values and Orion was updated from v0.14.1 to v0.23.0.



--
This message was sent by Atlassian JIRA
(v6.4.1#64016)

Previous message: [Backlogmanager] [FIWARE-JIRA] (HELP-9409) [fiware-stackoverflow] Rush installation and integration with Orion Context Broker
Next message: [Backlogmanager] [FIWARE-JIRA] (HELP-9413) [fiware-stackoverflow] SpagoBI: End user customized web page
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Backlogmanager mailing list

You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy