<div dir="ltr">Hi Stuart <div><br></div><div>Thanks for this. I tried the example with a proxy server that has a valid ssl context, byte buffer slice pool, undertow xnio ssl with worker, and load balancing proxy client as per your example. Using 1.2.12.Final</div><div><br></div><div>On the receiving webserver (which works fine with other https: and other SSL requests) I have enabled SSLCLientMode.Required and other settings similar to DefaultServer. This works when I go direct to the webserver in the browser - I can use it normally but when I use the proxy and issue a https request I get:</div><div><br></div><div><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif">ERROR proxy - UT005028: Proxy request to / failed<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif">java.io.IOException: overflow<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.protocols.ssl.SslConduit.doWrap(SslConduit.java:801)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.protocols.ssl.SslConduit.write(SslConduit.java:336)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.client.http.HttpRequestConduit.processWrite(HttpRequestConduit.java:321)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.client.http.HttpRequestConduit.flush(HttpRequestConduit.java:573)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.conduits.AbstractFixedLengthStreamSinkConduit.flush(AbstractFixedLengthStreamSinkConduit.java:229)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at org.xnio.conduits.ConduitStreamSinkChannel.flush(ConduitStreamSinkChannel.java:162)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.client.http.HttpClientConnection.initiateRequest(HttpClientConnection.java:299)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.client.http.HttpClientConnection.sendRequest(HttpClientConnection.java:228)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.server.handlers.proxy.ProxyHandler$ProxyAction.run(ProxyHandler.java:502)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.util.SameThreadExecutor.execute(SameThreadExecutor.java:35)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.server.HttpServerExchange.dispatch(HttpServerExchange.java:759)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.server.handlers.proxy.ProxyHandler$ProxyClientHandler.completed(ProxyHandler.java:269)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.server.handlers.proxy.ProxyHandler$ProxyClientHandler.completed(ProxyHandler.java:245)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.server.handlers.proxy.ProxyConnectionPool.connectionReady(ProxyConnectionPool.java:292)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.server.handlers.proxy.ProxyConnectionPool.access$800(ProxyConnectionPool.java:54)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.server.handlers.proxy.ProxyConnectionPool$1.completed(ProxyConnectionPool.java:245)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.server.handlers.proxy.ProxyConnectionPool$1.completed(ProxyConnectionPool.java:233)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.client.http.HttpClientProvider.handleConnected(HttpClientProvider.java:163)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.client.http.HttpClientProvider.access$000(HttpClientProvider.java:50)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.client.http.HttpClientProvider$2.handleEvent(HttpClientProvider.java:126)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.client.http.HttpClientProvider$2.handleEvent(HttpClientProvider.java:123)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.protocols.ssl.UndertowXnioSsl$StreamConnectionChannelListener.handleEvent(UndertowXnioSsl.java:312)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at io.undertow.protocols.ssl.UndertowXnioSsl$StreamConnectionChannelListener.handleEvent(UndertowXnioSsl.java:294)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at org.xnio.nio.WorkerThread$ConnectHandle.handleReady(WorkerThread.java:324)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> at org.xnio.nio.WorkerThread.run(WorkerThread.java:539)<u></u><u></u></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"><u></u> </p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif">Will the proxy forward the browser cert to the webserver or is there some other cause? I cannot share any code but any pointers are appreciated.</p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"> </p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif">Thanks</p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif">Devl</p></div><div><br></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Sep 14, 2015 at 2:17 AM, Stuart Douglas <span dir="ltr"><<a href="mailto:sdouglas@redhat.com" target="_blank">sdouglas@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">And example of this can be found in this test:<br>
<br>
<a href="https://github.com/undertow-io/undertow/blob/master/core/src/test/java/io/undertow/server/handlers/proxy/LoadBalancingProxyHttpsTestCase.java" rel="noreferrer" target="_blank">https://github.com/undertow-io/undertow/blob/master/core/src/test/java/io/undertow/server/handlers/proxy/LoadBalancingProxyHttpsTestCase.java</a><br>
<br>
Stuart<br>
<span class=""><br>
----- Original Message -----<br>
> From: "Devl Devel" <<a href="mailto:devl.development@gmail.com">devl.development@gmail.com</a>><br>
> To: <a href="mailto:undertow-dev@lists.jboss.org">undertow-dev@lists.jboss.org</a><br>
> Sent: Saturday, 12 September, 2015 12:00:48 AM<br>
> Subject: [undertow-dev] Some help on Reverse Proxy Server<br>
><br>
> At present the git example for Reverse Proxy is a non https/ssl example.<br>
><br>
><br>
> <a href="https://github.com/undertow-io/undertow/blob/master/examples/src/main/java/io/undertow/examples/reverseproxy/ReverseProxyServer.java" rel="noreferrer" target="_blank">https://github.com/undertow-io/undertow/blob/master/examples/src/main/java/io/undertow/examples/reverseproxy/ReverseProxyServer.java</a><br>
><br>
> Please can you help with an example using SSL and https?<br>
><br>
</span>> I take it the .addHost( new URI ( " <a href="http://localhost:8081" rel="noreferrer" target="_blank">http://localhost:8081</a> " ) method<br>
<span class="">><br>
> needs and XNioSSL object to work with https redirection? If so, please can<br>
> you provide an example of how to configure this?<br>
><br>
> Thanks<br>
> Devl<br>
><br>
><br>
><br>
</span>> _______________________________________________<br>
> undertow-dev mailing list<br>
> <a href="mailto:undertow-dev@lists.jboss.org">undertow-dev@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/undertow-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/undertow-dev</a><br>
</blockquote></div><br></div>