Reputation: 302
How to use Spring Cloud Netflix Zuul as SSL reverse proxy
I've setup a simple Spring Boot application with Spring Cloud Zuul via @EnableZuulProxy annotation as reverse Proxy for some other backend applications deployed as separate microservices.
The zuul reverse proxy is acting as an API gateway in front of the various backend services.
Since this API gateway is the only external reachable destination, it also acts as single secured entry point via HTTPS. The proxied backend services are not secured separately, so they just using plain HTTP.
In the past I was using Nginx for this setup and I am now evaluating Spring Cloud Netflix Zuul as an replacement with Eureka service discovery but it seems that Zuul is not adding the required X-Forwarded-Proto: https HTTP header.
How can I tell zuul to act as SSL proxy for non-secured HTTP backend services?
Upvotes: 2
Views: 2401
Answers (1)
Reputation: 302
Just figured out that spring-cloud-netflix is adding the X-Forwarded-* HTTP headers and therefore responsible for them.
Filed a PR for adding the X-Forwarded-Proto header to their org.springframework.cloud.netflix.zuul.filters.pre.PreDecorationFilter at https://github.com/spring-cloud/spring-cloud-netflix/pull/515
Upvotes: 1
Related Questions
- Zuul routing the requests through an external proxy server
- Spring Boot + Cloud | Zuul Proxy | Integration testing
- Zuul reverse proxy with Keycloak server
- How to forward to different path using netflix zuul?
- Spring OAuth Authorization Server behind Spring Cloud Zuul Proxy
- Zuul proxy and ssl
- Netflix Zuul stop redirecting / enable reverse-proxy
- Simple Reverse Proxy with Spring Boot and Netflix Zuul
- Spring cloud, Zuul https
- Zuul Proxy HTTPS Forwarding Error