1

I have a SF project where I have two public services that are secured with HTTPS, and multiple "private" services that are not.

I'm running into an issue when I try to do a reverse proxy call to one of my public services from one of my private services I get a 404 Not Found.

The services are written in .Net core 3.1 and I use kestrel as my web server.

I'm presuming the issue has to do with the fact that my public service cannot be reached by the proxy because of the fact the HTTPS port is the only port being listened on by the kestrel server.

How would I allow kestrel to allow for HTTP calls from the reverse proxy and the public HTTPS endpoint?

Steve
  • 1,061
  • 10
  • 21
  • This might not work for you, but you could use a networking service like api management or application gateway to offload your ssl, leaving all the cluster traffic http. All inbound public access can be restricted using your nsg. – Oliver May 29 '20 at 20:27
  • Thanks @Oliver see my answer. – Steve Jun 01 '20 at 08:57

2 Answers2

1

I found the answer over here on this question.

Just again too re-iterate the importance of setting the unique name for ServiceInstanceListener.

Steve
  • 1,061
  • 10
  • 21
0

It also turns out for at least SF v 8.0.521.9590, the reverse proxy doesn't like spaces in listener names. When you specify the ListenerName with a space, it returns a 404.

// fails
yield return new ServiceInstanceListener(CreateSoapListener, "SOAP listener");
yield return new ServiceInstanceListener(CreateRestListener, "REST listener");

http://localhost:19081/ServiceInstanceName/Suffix?ListenerName=SOAP%20listener

// works
yield return new ServiceInstanceListener(CreateSoapListener, "SOAP");
yield return new ServiceInstanceListener(CreateRestListener, "REST");

http://localhost:19081/ServiceInstanceName/Suffix?ListenerName=SOAP
jasper
  • 3,424
  • 1
  • 25
  • 46