You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm using the docker version of ios-signer-service with port 8080->42270.
Accessing the website via my Nginx reverse proxy gives ERR_TOO_MUCH_REDIRECT with Chrome with a lot of HTTP 302.
When testing with curl http://127.0.0.1:42270 -L -vvv, here is the encountered error:
curl http://127.0.0.1:42270 -L -vvv
* Expire in 0 ms for 6 (transfer 0x5649d127aee0)
* Trying 127.0.0.1...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x5649d127aee0)
* Connected to 127.0.0.1 (127.0.0.1) port 42270 (#0)
> GET / HTTP/1.1
> Host: 127.0.0.1:42270
> User-Agent: curl/7.64.0
> Accept: */*
>
< HTTP/1.1 302 Found
< Location: https://127.0.0.1:42270/
< Date: Mon, 02 Aug 2021 03:41:56 GMT
< Content-Length: 0
<
* Connection #0 to host 127.0.0.1 left intact
* Issue another request to this URL: 'https://127.0.0.1:42270/'
* Hostname 127.0.0.1 was found in DNS cache
* Trying 127.0.0.1...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x5649d127aee0)
* Connected to 127.0.0.1 (127.0.0.1) port 42270 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* error:1408F10B:SSL routines:ssl3_get_record:wrong version number
* Closing connection 1
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
Adding redirect_https: false to signer-cfg.yml does not work as this line is removed from the file on docker run.
To reproduce
Proceed to a fresh installation with the image, use the default signer-cfg.yml.
Expected behavior
Connecting to http://127.0.0.1:8080 should not automatically redirect to https://127.0.0.1:8080. The HTTPS redirection seems forced despite having the possibility to disable it.
Hello, thanks for the detailed report. redirect_https: false is a default option - it should be automatically added to your config file on every run, even if you delete it, unless you just changed it to true. If a line is automatically deleted from the config file, that means the program did not recognize it - it's either in the wrong place/indentation, or it has a wrong name. I just tested both a Docker instance and a standalone instance with v2.4.4. Both had redirect_https: false by default, and the line worked as expected - no redirection was performed at all. It's a very strange issue you're having - are you sure you are running v2.4.4 and your nginx conf doesn't do any redirects instead? Try running the program without a config file - it should generate you a default template file, just add your stuff to that template and see how it goes.
Ok so it appeared that docker didn't pull the latest image. The one I got was 2 months ago and it is now working. The weird thing is, even if the image I got was 2 months older, it suddenly stopped working recently. I think we can just close the issue. Thank you.
I tried basic troubleshooting first
Describe the bug
I'm using the docker version of ios-signer-service with port
8080->42270
.Accessing the website via my Nginx reverse proxy gives
ERR_TOO_MUCH_REDIRECT
with Chrome with a lot of HTTP 302.When testing with
curl http://127.0.0.1:42270 -L -vvv
, here is the encountered error:Adding
redirect_https: false
tosigner-cfg.yml
does not work as this line is removed from the file ondocker run
.To reproduce
Proceed to a fresh installation with the image, use the default signer-cfg.yml.
Expected behavior
Connecting to
http://127.0.0.1:8080
should not automatically redirect tohttps://127.0.0.1:8080
. The HTTPS redirection seems forced despite having the possibility to disable it.System configuration
The text was updated successfully, but these errors were encountered: