Enabling HTTPS - Camunda WebApp

Camunda 8 Topics
1

Hi,
I am trying to install Camunda web modeler - WebApp Component and I am trying to enable the HTTPS for the component have been unsuccessfull. what should be done, please suggest.

ConfigMap - camunda-platform-web-modeler-webapp-configuration

application.toml

httpWorkers = 2
httpPort=8443
managementHttpPort=9443

[restapi]
host = "camunda-platform-web-modeler-restapi"
port = "8443"
managementPort = "9443"

[server]
url = "https://camunda-platform-webmodeler-webapp-public/"
httpsOnly = "true"
#port= 8443

#[management.server]
#port= 9443

[oAuth2]
type = "KEYCLOAK"
clientId = "web-modeler"

[oAuth2.token]
jwksUrl = "https://camunda-platform-keycloak-public/auth/realms/camunda-platform/protocol/openid-connect/certs"
audience = "web-modeler-api"
issuer = "https://camunda-platform-keycloak-public/auth/realms/camunda-platform"

[pusher]
host = "app-b2bbpm-x0-camunda-platform-web-modeler-websockets"
port = "8060"

[client.pusher]
host = "camunda-platform-web-modeler-websockets"
port = "8060"
forceTLS = "false"

[identity]
baseUrl = "https://camunda-platform-identity-public-/identity"

{"message":"Master started","timestamp":"2024-05-03T11:05:05.000Z","severity":"INFO","pid":1}
{"message":"Using configuration {\n  \"httpBindAddress\": \"0.0.0.0\",\n  \"httpPort\": 8443,\n  \"httpWorkers\": 2,\n  \"managementHttpBindAddress\": \"0.0.0.0\",\n  \"managementHttpPort\": 9443,\n  \"shutdownTimeout\": 5000,\n  \"maintenanceMode\": false,\n  \"camundaCloudBaseDomain\": \"example.com\",\n  \"server\": {\n    \"httpsOnly\": true,\n    \"redirectHosts\": false,\n    \"host\": \"localhost\",\n    \"url\": \"https://camunda-platform-webmodeler-webapp-public-x0.apps.ckd.int.be.xpi.net.intra/\",\n    \"additionalRedirectHosts\": [],\n    \"additionalDestinationHosts\": [],\n    \"basePath\": \"\"\n  },\n  \"restapi\": {\n    \"host\": \"app-b2bbpm-x0-camunda-platform-web-modeler-restapi\",\n    \"port\": 8443,\n    \"managementPort\": 9443,\n    \"requestTimeout\": 30000,\n    \"requestSizeLimitBytes\": 3145728\n  },\n  \"oAuth2\": {\n    \"clientId\": \"web-modeler\",\n    \"type\": \"keycloak\",\n    \"token\": {\n      \"audience\": \"web-modeler\",\n      \"issuer\": \"https://camunda-platform-keycloak-public /auth/realms/camunda-platform\",\n      \"jwksUrl\": \"https://camunda-platform-keycloak-public /auth/realms/camunda-platform/protocol/openid-connect/certs\"\n    },\n    \"m2m\": {\n      \"connectorsApi\": {\n        \"audience\": \"audience\",\n        \"scope\": \"scope\"\n      }\n    }\n  },\n  \"pusher\": {\n    \"appId\": \"web-modeler\",\n    \"key\": \"hcjxjAdUK2VMtKZOP7sz\",\n    \"secret\": \"*****\",\n    \"host\": \"app-b2bbpm-x0-camunda-platform-web-modeler-websockets\",\n    \"port\": \"8060\"\n  },\n  \"client\": {\n    \"pusher\": {\n      \"key\": \"hcjxjAdUK2VMtKZOP7sz\",\n      \"host\": \"app-b2bbpm-x0-camunda-platform-web-modeler-websockets\",\n      \"port\": \"8060\",\n      \"path\": \"/\",\n      \"forceTLS\": false\n    },\n    \"sentry\": {\n      \"enabled\": false,\n      \"key\": \"*****\",\n      \"environment\": \"dev\"\n    }\n  },\n  \"mixpanel\": {\n    \"enabled\": false,\n    \"apiHost\": \"https://api-eu.mixpanel.com\",\n    \"stage\": \"dev\",\n    \"token\": \"token\"\n  },\n  \"play\": {\n    \"enabled\": true\n  },\n  \"osano\": {\n    \"token\": \"token\"\n  },\n  \"appcues\": {\n    \"enabled\": true\n  },\n  \"sentry\": {\n    \"enabled\": false,\n    \"key\": \"*****\",\n    \"environment\": \"dev\"\n  },\n  \"openai\": {\n    \"apiKey\": \"*****\"\n  },\n  \"features\": {\n    \"assetRefreshEnabled\": true,\n    \"trackTopbarEnabled\": true,\n    \"modelingTrackingEnabled\": true\n  },\n  \"identity\": {\n    \"baseUrl\": \"https://camunda-platform-identity-public /identity\"\n  },\n  \"zeebe\": {\n    \"bpmnDeploymentEnabled\": true,\n    \"dmnDeploymentEnabled\": true\n  },\n  \"importResources\": {\n    \"maxCountOfFiles\": 10,\n    \"maxAllowedSize\": 3145728\n  },\n  \"marketplace\": {\n    \"enabled\": true,\n    \"apiBaseUrl\": \"https://marketplace.cloud.camunda.io/api/v1\"\n  },\n  \"targetEnv\": \"dev\",\n  \"statsig\": {\n    \"enabled\": false\n  }\n}","timestamp":"2024-05-03T11:05:05.002Z","severity":"INFO","pid":1}
{"message":"Master setting up 2 worker(s)...","timestamp":"2024-05-03T11:05:05.006Z","severity":"INFO","pid":1}
{"message":"Management server listening on 0.0.0.0:9443","timestamp":"2024-05-03T11:05:05.068Z","severity":"INFO","pid":1}
{"message":"Worker 13 is online","timestamp":"2024-05-03T11:05:05.263Z","severity":"INFO","pid":1}
{"message":"Worker 14 is online","timestamp":"2024-05-03T11:05:05.280Z","severity":"INFO","pid":1}
{"message":"Worker started","timestamp":"2024-05-03T11:05:07.177Z","severity":"INFO","pid":14}
{"message":"Worker started","timestamp":"2024-05-03T11:05:07.267Z","severity":"INFO","pid":13}
(node:14) [DEP0152] DeprecationWarning: Custom PerformanceEntry accessors are deprecated. Please use the detail property.
(Use `node --trace-deprecation ...` to show where the warning was created)
{"message":"Server listening on 0.0.0.0:8443 (worker 14)","timestamp":"2024-05-03T11:05:07.368Z","severity":"INFO","pid":14}
{"message":"Server listening on 0.0.0.0:8443 (worker 13)","timestamp":"2024-05-03T11:05:07.466Z","severity":"INFO","pid":13}
(node:13) [DEP0152] DeprecationWarning: Custom PerformanceEntry accessors are deprecated. Please use the detail property.
(Use `node --trace-deprecation ...` to show where the warning was created)

Generated from kubelet on sn0kl2801300
4 times in the last 1 minute
Liveness probe failed: Get "https://172.21.38.251:9443/health/liveness": http: server gave HTTP response to HTTPS client
2

HI Guys,
Can anyone help me on this, I some tried to get the https enabled in camunda webapp. But when trying to login. Internally it seems to excute only HTTP request, After successfull Login, Web Modeler is again redirecting to Login Page


{"message":"Master started","timestamp":"2024-05-07T17:45:35.916Z","severity":"INFO","pid":1}
{"message":"Using configuration {\n \"httpBindAddress\": \"0.0.0.0\",\n \"httpPort\": 8080,\n \"httpWorkers\": 2,\n \"managementHttpBindAddress\": \"0.0.0.0\",\n \"managementHttpPort\": 9090,\n \"shutdownTimeout\": 5000,\n \"maintenanceMode\": false,\n \"camundaCloudBaseDomain\": \"example.com\",\n \"server\": {\n \"httpsOnly\": true,\n \"redirectHosts\": false,\n \"host\": \"localhost\",\n \"url\": \"https://camunda-platform-webmodeler-webapp-public-x0.apps.ckd.int.be.xpi.net.intra\",\n \"additionalRedirectHosts\": [],\n \"additionalDestinationHosts\": [],\n \"basePath\": \"\"\n },\n \"restapi\": {\n \"host\": \"app-b2bbpm-x0-camunda-platform-web-modeler-restapi\",\n \"port\": 8443,\n \"managementPort\": 9443,\n \"requestTimeout\": 30000,\n \"requestSizeLimitBytes\": 3145728\n },\n \"oAuth2\": {\n \"clientId\": \"web-modeler\",\n \"type\": \"keycloak\",\n \"token\": {\n \"audience\": \"web-modeler\",\n \"issuer\": \"https://camunda-platfo...
2024-05-07T17:45:35.963Z koa-router defined route [ 'HEAD', 'GET' ] /metrics
2024-05-07T17:45:35.965Z koa-router defined route [ 'HEAD', 'GET' ] /health/readiness
2024-05-07T17:45:35.965Z koa-router defined route [ 'HEAD', 'GET' ] /health/liveness
2024-05-07T17:45:35.966Z koa:application use dispatch
{"message":"Master setting up 2 worker(s)...","timestamp":"2024-05-07T17:45:36.014Z","severity":"INFO","pid":1}
Https Management server listing on port : 9443
{"message":"Management server listening on 0.0.0.0:9090","timestamp":"2024-05-07T17:45:36.074Z","severity":"INFO","pid":1}
{"message":"Worker 13 is online","timestamp":"2024-05-07T17:45:36.275Z","severity":"INFO","pid":1}
{"message":"Worker 14 is online","timestamp":"2024-05-07T17:45:36.283Z","severity":"INFO","pid":1}
{"message":"Worker started","timestamp":"2024-05-07T17:45:38.169Z","severity":"INFO","pid":13}
2024-05-07T17:45:38.178Z koa-router defined route [] ([^/]*)
2

image
image1737×941 112 KB

image
image1750×927 106 KB

error I see in the back end

2024-05-07T17:50:53.084Z BackendProxy

6042024-05-07T17:50:53.084Z BackendProxy iterate route-patterns for POST /internal-api/login?version=162579affa1e0bf7feea137df355cc68e3ed257e&lastRefreshAge=0

6052024-05-07T17:50:53.084Z BackendProxy matched { url: '/internal-api/*' }

6062024-05-07T17:50:53.085Z BackendProxy figured route { url: '/internal-api/*' }

607{"message":"Parse Error: Expected HTTP/","timestamp":"2024-05-07T17:50:53.091Z","severity":"ERROR","pid":14,"stack":"Error: Parse Error: Expected HTTP/\n at Socket.socketOnData (node:_http_client:540:22)\n at Socket.emit (node:events:518:28)\n at addChunk (node:internal/streams/readable:559:12)\n at readableAddChunkPushByteMode (node:internal/streams/readable:510:3)\n at Socket.Readable.push (node:internal/streams/readable:390:5)\n at TCP.onStreamRead (node:internal/stream_base_commons:190:23)"}

608{"message":"- \"POST /internal-api/login?version=162579affa1e0bf7feea137df355cc68e3ed257e&lastRefreshAge=0 HTTP/1.1\" 404 9 \"https://camunda-platform-webmodeler-webapp-public-x0.apps.ckd.int.be.xpi.net.intra/login-callback?state=f0b43035c8044fe7a0bb496f999f7ddb&session_state=53acdc7b-a83c-4220-a313-73d472b994cc&iss=https%3A%2F%2Fcamunda-platform-keycloak-public-x0.apps.ckd.int.be.xpi.net.intra%2Fauth%2Frealms%2Fcamunda-platform&code=69a0b46d-0284-4892-b14b-0afe2577977f.53acdc7b-a83c-4220-a313-73d472b994cc.71615b05-52df-4acb-8245-ed7c1d2da69e\" \"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36\"","correlationId":"2fab8f1c-df60-4a67-9ff4-ed9b0bc80abc","timestamp":"2024-05-07T17:50:53.094Z","severity":"INFO","pid":14}

6092024-05-07T17:50:53.227Z koa-router GET /login-callback

6102024-05-07T17:50:53.228Z koa-router test ([^/]*) /^([^/]*)(?:[\/#\?](?=[]|$))?(?=[\/#\?]|[]|$)/i

6112024-05-07T17:50:53.228Z koa-router test / /^\/[\/#\?]?$/i

6122024-05-07T17:50:53.228Z koa-router test /guide /^\/guide[\/#\?]?$/i

613