Disabling plaintext HTTP in favour of HTTPS in the hawtio console of JBoss Fuse 6.x in fabric mode

Solution Verified - Updated -

Issue

The Fuse Security Guide gives the impression that plaintext HTTP can be disabled on the hawtio console, leaving only encrypted HTTPS access. This is true for stand-alone Fuse installations, but will not work when Fuse is running in fabric mode. Although the plaintext HTTP port can be disabled, and browsers forced to use HTTPS, making this change will intefere with normal operation of the fabric. In addition, it wil not be possible to deploy code to the fabric using the Maven fabric8 plugin, even if the HTTPS URL is used in the plugin configuration.

The modes of failure are subtle, and it is possible that not all installations will be affected. One problem that has been noted is that, when creating new containers from the hawtio console, the containers are displayed as permanently in the 'provisioning' state.

Please note in addition that the steps documented in the Security Guide, for configuration of the hawtio console for HTTPS operation, will not work in fabric mode. See this article for more information.

Environment

JBoss Fuse 6.x as part of a fabric; versions up to and including 6.1-redhat-379

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.