I have a site that's serving PHP with Apache and it retrieves data from my node-RED application. I originally was using file_get_contents() to fetch data from node-RED's HTTP endpoints but I don't think this is ideal. Moreover, if I avoid this I can disable allow_url_fopen directive in my php config.
I've done some research, including reading this thread, and I got soooo close with the reverse proxy solution. I'm able to successfully serve JSON data through apache and it comes through as SSL secured. Great!
Only problem remaining is that I'm still stuck using the admin interface through the unsecured port. So, I set up a proxy for the admin path just like the other endpoints, and it serves the login page just fine -but- won't let me log in, yet login works fine if I go to the unsecured port.
I read some things about cross origin form posting but I can't figure out what's going on.
<VirtualHost *:443>
ServerName recipes.ddns.me
SSLEngine on
SSLCertificateFile "pem"
SSLCertificateChainFile "pem"
SSLCertificateKeyFile "pem"
ProxyRequests On
ProxyVia On
ProxyPreserveHost On
<Location /node-red-admin>
Order deny,allow
Deny from all
Allow from <my ip>
</Location>
ProxyRequests Off # don't understand why this line is here
#using HTTP because I get a certificate authority authenticity error when I try node-red's https interface
# I'm suppose to be able to fix that with this commend:
# sudo apt-get install ca-certificates
# but it crashes on mysql update
ProxyPass "/_fetch" "http://localhost:40204/_fetch"
ProxyPassReverse "/_fetch" "http://localhost:40204/_fetch"
ProxyPass "/_local" "http://localhost:40204/_local"
ProxyPassReverse "/_local" "http://localhost:40204/_local"
ProxyPass "/node-red-admin" "http://localhost:40204/node-red-admin"
ProxyPassReverse "/node-red-admin" "http://localhost:40204/node-red-admin"
</VirtualHost>
46,8 Bot
If I change the proxy endpoint to https: instead of http I get 500 internal server error. I don't understand what is happening, does anyone have any clues?
Found a way around what I was trying to do. I had to enable SSLProxyEnable = On directive in apache, Now the proxies to the https addresses work and so everything is happily working together now.