request help: http to https redirect

[haohello]

Issue description

Use the following code to enable the https redirect for the path /bar, however the https version of this path can't work correctly after this operation.

kubectl exec -it -n ingress-apisix apisix-7584d75d9-lg522 -- curl http://127.0.0.1:9080/apisix/admin/routes/40f73b2a -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PATCH -d '
{
	"uri": "/bar",
	"host": "code.devtaoism.com",
	"vars": [
		[
			"scheme",
			"==",
			"http"
		]
	],
	"plugins": {
		"redirect": {
			"uri" : "https://$host$request_uri",
			"ret_code": 301
		}
	}
}'

The screenshot of the logs for the http to https redirect:

Environment

• your apisix-ingress-controller version (output of apisix-ingress-controller version --long): latest version
• your Kubernetes cluster version (output of kubectl version): v1.23.6+k3s1
• if you run apisix-ingress-controller in Bare-metal environment, also show your OS version (uname -a): ubuntu 22.04

[tao12345666333]

The log shows that your certificate does not match the SNI

Maybe you should use your domain name to access instead of your IP

[haohello]

I'm using the domain name instead of IP address.

[haohello]

[haohello]

The path /foo hasn't been set any https redirect rules and is working correctly for the https. Once if you set the https redirect rule the same as above, https access will be the same as above with the same error.

The screenshot below is what it looks like when not setting any https redirect rules and only access the https version directly (without any redirection).

[haohello]

Any ideas how to resolve this issue?

[haohello]

??

[tokers]

@haohello What's your ApisixRoute definition for the HTTPS version? Then route object you shown above has the check for scheme so that only requests which protocol is HTTP can match it, after you redirect the request, two questions come in:

1. You don't have a certificate which CN or SANs match the domain code.devtaoism.com;
2. You don't have a route to match this request, so APISIX just returns 404;

What you need to do are:

1. configuring the SSL object for APISIX with the correct certificate and private key;
2. configuring a new Route match rule to accept requests even its protocol is HTTPS;

[haohello]

@tokers There is already a working SSL certificate configured for the domain name code.devtaoism.com which is clearly shown in the screenshot for the path /foo , and here is the link for your information, also already posted in this thread.

As I've already mentioned too many times, if there isn't any https redirect rules configured, the http and https work as expected.

With a simple search, clearly there are too many people already encountered with this issue. Here is another similar issue.

[haohello]

??

[haohello]

??

[tao12345666333]

Have you checked out this document? https://apisix.apache.org/docs/apisix/FAQ/#how-do-i-redirect-http-traffic-to-https-with-apache-apisix

[github-actions[bot]]

This issue has been marked as stale due to 90 days of inactivity. It will be closed in 30 days if no further activity occurs. If this issue is still relevant, please simply write any comment. Even if closed, you can still revive the issue at any time or discuss it on the [email protected] list. Thank you for your contributions.

[github-actions[bot]]

This issue has been closed due to lack of activity. If you think that is incorrect, or the issue requires additional review, you can revive the issue at any time.