FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    Running FusionAuth behind Apache Traffic Server (Reverse Proxy)

    Scheduled Pinned Locked Moved
    General Discussion
    2
    2
    3.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pdormehl
      last edited by

      Hi, we are having issues getting FusionAuth to activate behind our reverse proxy which is Apache Traffic Server.
      Pages load, but when we try and use fusionAuth, we get the following error.
      Web Server Error
      Description: The host requested did not return the document correctly.
      We dont get any errors on the home page.

      1 Reply Last reply Reply Quote 1
      • V
        vinicius.campitelli
        last edited by vinicius.campitelli

        Hi there!

        I don't have any experience with Apache Traffic Server to be honest but are you running your FusionAuth instance with HTTPS? If so, does Apache Traffic Server trust the FusionAuth certificate?

        I did manage to make it work locally by configuring the reverse proxy like shown on their docs and adding this mapping to the remap.config file:

        map http://fusionauth.local:8080/ http://fusionauth-fusionauth-1:9011/
        

        This will make it proxy requests to http://fusionauth-fusionauth-1:9011/ when it receives a request with Host: fusionauth.local:8080. Then, I added fusionauth.local to my /etc/hosts to point to Traffic Server.

        This was enough to reach the FusionAuth instance, but I still needed to configure some HTTP headers to make it function correctly. Using Traffic Server's header rewrite plugin, I changed the config above to:

        map http://fusionauth.local:8080/ http://fusionauth-fusionauth-1:9011/ @plugin=header_rewrite.so @pparam=fusionauth.conf
        

        And created a fusionauth.conf file with the needed headers:

        set-header X-Forwarded-Host %{CLIENT-URL:HOST}
        set-header X-Forwarded-Port %{CLIENT-URL:PORT}
        

        Please let me know if that works.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post