You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the enhancement:
Add the ability to access the /api/status using GET with HTTP even if the fleet server is configured for HTTPS.
Describe a specific use case for the enhancement or feature:
Some load balancers do not have the ability to check the response of a HTTPS request to a back end server and can only check the response of a HTTP request.
For example a Fortigate load balancer on a firewall can check the HTTP response to verify it received "{"name":"fleet-server","status":"HEALTHY"}" back from the fleet server but it is unable to do this for HTTPS. If you configure the fleet server for HTTPS then it will respond with "Client sent an HTTP request to an HTTPS server." with a status code of 400.
This should not pose as a security risk since it is just a status check of the server. Simply doing a TCP check is not enough because there are a issues with open file limits that the fleet server can hit which results in TCP opening a connection but the server not able to actually respond with a response. (Ticket 00975556)
The text was updated successfully, but these errors were encountered:
Describe the enhancement:
Add the ability to access the /api/status using GET with HTTP even if the fleet server is configured for HTTPS.
Describe a specific use case for the enhancement or feature:
Some load balancers do not have the ability to check the response of a HTTPS request to a back end server and can only check the response of a HTTP request.
For example a Fortigate load balancer on a firewall can check the HTTP response to verify it received "{"name":"fleet-server","status":"HEALTHY"}" back from the fleet server but it is unable to do this for HTTPS. If you configure the fleet server for HTTPS then it will respond with "Client sent an HTTP request to an HTTPS server." with a status code of 400.
This should not pose as a security risk since it is just a status check of the server. Simply doing a TCP check is not enough because there are a issues with open file limits that the fleet server can hit which results in TCP opening a connection but the server not able to actually respond with a response. (Ticket 00975556)
The text was updated successfully, but these errors were encountered: