Heat API is behind HAProxy which performs SSL termination. The connection between HAProxy and the Heat API is not SSL.
Using the Heat client the API is returning non-SSL references to the client.
This is a known issue. The solution is to leverage the Heat SSLMiddleware code.
New middleware to handle SSL termination proxies The Heat API doesn't behave properly if it is behind an SSL termination proxy. If this is the case, the HTTP redirections and the links returned in the REST response bodies are build using http protocol instead of https. To handle this situation, a new middleware was added. The purpose of the SSLMiddleware is to update the wsgi.url_scheme environment variable of the request with the value contained in an HTTP header that can be configured in heat.conf (by default: 'X-Forwarded-Proto')
- Red Hat OpenStack 6.0 (RHOS)
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.