Problem
After accepting a self-signed certificate, the browser complains that scripts are being served in mixed mode:
Mixed Content: The page at 'https://<host>/browser' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://<host>/home'. This request has been blocked; the content must be served over HTTPS.
Cause
This error might occur when you use Apache mod_proxy
at your environment and external connection is secured, but internal one is not.
In this case the embedded Jetty webservice doesn't recognize that all external connections should be served in secured mode (over HTTPS) and keeps responding over HTTP.
Environment schema
User > HTTPS > Apache mod_proxy > HTTP > Datameers Jetty
Solution
In order to fix the issue, adjust Apache, Jetty, and Datameer settings.
-
Apache
Add the following line to the Apache config for the DatameerVirtualHost
section:RequestHeader set X-Forwarded-Proto "https" env=HTTPS
-
Jetty
In <datameer-install-path>/etc/jetty.xml
uncomment the following:<Call name="addCustomizer">
<Arg><New class="org.eclipse.jetty.server.ForwardedRequestCustomizer"/></Arg>
</Call> -
Datameer
Make sure that the correct hostname and protocol is set in <datameer-install-path>/etc/live.properties
forsystem.property.server.address:
# Define the address and port used to connect to DATAMEER. system.property.server.address=<host>:<port>
Restart Datameer and Apache to apply changes.
Comments
0 comments
Please sign in to leave a comment.