Redirect Loop with HTTPS redirectScheme

crhuber · October 30, 2019, 1:23pm

Hello,
I want to enforce all traffic be served over https so I created a middleware to do so.

apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: common-https-redirect
spec:
  redirectScheme:
    scheme: https
    permanent: true
    port: 443

kind: IngressRoute
metadata:
  name: entry-www-de
  namespace: conversions
spec:
  entryPoints:
    - web
  routes:
  - match: Host(`www.mydomain.com`) && Path(`/`)
    kind: Rule
    services:
    - name: foo
      port: 80
    middlewares:
      - name: common-https-redirect
        namespace: traefik

However, when I apply it, it keeps going into a redirect loop

* Connected to www.mydomain.com (172.1.1.1) port 80 (#0)
> GET / HTTP/1.1
> Host: www.mydomain.com
> User-Agent: curl/7.64.1
> Accept: */*
> 
< HTTP/1.1 301 Moved Permanently
HTTP/1.1 301 Moved Permanently
< Content-Type: text/plain; charset=utf-8
Content-Type: text/plain; charset=utf-8
< Date: Wed, 30 Oct 2019 13:17:31 GMT
Date: Wed, 30 Oct 2019 13:17:31 GMT
< Location: https://www.mydomain.com/
Location: https://www.mydomain.com/
< Content-Length: 17
Content-Length: 17
< Connection: keep-alive
Connection: keep-alive

I have SSL termination on ELB . ELB configured with the Following Listeners

LB: HTTP: 80 , Instance Protocol HTTP
LB: HTTPS: 443, Instance Protocol HTTP , SSL Cert

How can I get the HTTPS redirection working without the loop. I want to keep SSL termination on the ELB

ldez · October 30, 2019, 1:44pm

hello,

could you provide the information to show how you are using the middleware.

crhuber · October 30, 2019, 2:54pm

Thanks for replying @ldez I updated question

ldez · October 30, 2019, 3:44pm

The TLS part is on the router, so you have to solution:

create 2 IngressRoutes: one on web with the redirection, and one on websecure without the redirection and with TLS.
create a global redirection (see other topics for more information), and one IngressRoute on websecure without redirection

https://docs.traefik.io/v2.0/routing/routers/#tls

MohamedMSaeed · January 2, 2020, 11:29am

Hello @ldez,

I'm facing the same issue. Should I create 2 IngressRoutes? I mean using "redirectScheme" middleware should redirect to https only if it was http.

Is there anyway to avoid duplicating my IngressRoutes?

zespri · January 3, 2020, 2:40am

Duplicating implies two instances of the same thing. This is not what was suggested. So no, no duplication is required. Two routes are needed for the solution to work.

Topic		Replies	Views
Redirecting loop with redirectScheme Traefik v2 kubernetes-ingress	6	992	May 27, 2022
Questions about the redirect from http to https Traefik v2 kubernetes-ingress , middleware	0	480	August 15, 2022
Http to https redirection through middlewares does not work unless globally enforced Traefik v2 docker , kubernetes-ingress , middleware	13	7255	July 24, 2023
HTTPS Redirect middleware with Google Kubernetes Engine Traefik v2 kubernetes-ingress , middleware	0	355	December 7, 2019
HTTP to HTTPS redirect Traefik v2 kubernetes-ingress	4	1278	August 13, 2020

Redirect Loop with HTTPS redirectScheme

Related Topics