[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: IBM WebSphere Application Server on OpenShift Origin

Hi Tien,

2 ideas:
1) what happens when you define a "PassThrough" route  and do a request including the path: "https://sls-coba-was-admin-sls-coba-berlin-ffm."  ?
2) VirtualHost "default_host" will (per default) have a vhost mapping "*:80" and "*:443" .Can you remove these two during these tests, to be sure they do not interfere?

regards Thomas

On Fri, Jun 29, 2018 at 9:58 AM Tien Hung Nguyen <tienhng nguyen gmail com> wrote:
Hi Thomas,

thank you for your response!

I have tried your approach and set the host of the admin_host virtual host to my routers name called "sls-coba-was-admin-sls-coba-berlin-ffm." and pointed it to the ports 9043, 9060, 443, 80 

Furthermore, I have set the router to use TLS Termination "Passthrought" with Insecure Traffic "Redirect":

However, the approach doesn't work and I get the following error that a virtualhost to handle / has not been defined.

It seems that no virtual host could be found because the admin console listens only on the path /ibm/console/login.do, which I cannot set if I use the TLS termination passthrough.

Therefore, I tried TLS Termination "Edge" with Insecure Traffic "Allow" after that in order to set the router path to "/ibm/console/login.do". However, when I do that, I get the 502 Bad Gateway error:

I'm using the IBM WebSphere Application Server on OpenShift with security settings enabled, but using a self-signed certificate (which is the default settings for IBM WebSphere application server).  Therefore, the port 9443 should be used since the connection was successful when I tried IBM WebSphere application server running on Docker for Windows only.

The outputs of the oc describe commands looks at follows:

$ oc describe routes
Name:                   sls-coba-was-admin
Namespace:              sls-coba-berlin-ffm
Created:                2 days ago
Labels:                 application=sls-coba
Annotations:            openshift.io/host.generated=true
Requested Host:         sls-coba-was-admin-sls-coba-berlin-ffm.
                          exposed on router router 2 days ago
Path:                   /ibm/console/login.do
TLS Termination:        edge
Insecure Policy:        Allow
Endpoint Port:          <all endpoint ports>

Service:        sls-coba-was-admin
Weight:         100 (100%)

$ oc describe svc
Name:              sls-coba-was-admin
Namespace:         sls-coba-berlin-ffm
Labels:            app=sls-coba-was
Annotations:       <none>
Selector:          deploymentconfig=sls-coba-was
Type:              ClusterIP
Port:              <unset>  9043/TCP
TargetPort:        9043/TCP
Session Affinity:  None
Events:            <none>

Is there any other solution to resolve this?
Do I have to add the self-signed certificate from WebSphere to the OpenShift router?

Is maybe the handshaking process failing because the TLS Termination "Edge" and the settings are not set right?

I would be very thankful if you could help us with this problem.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]