Monday, June 15, 2015

Redirect all HTTP traffic to HTTPS when using the HTTP(S) Load Balancer on Google Compute Engine



I have HTTP/HTTPS Load Balancing set up on Google Compute Engine with 2 Global Forwarding Rules (HTTP and HTTPS). Each rule points to a back-end service with a protocol of HTTP.



I want all requests to http://* to go to https://*.



As the load balancer talks to the back-end services over HTTP I don't think I can get nginx on the back-end service to send back a 301.




I've tried a dozen small tweaks on google compute and they all end up with google compute returning a 502.



I'm sure somebody else has set this up before. Any tips or pointers in the right direction are much appreciated.


Answer



We have a similar setup using the HTTP / HTTPS load balancer and we managed to force HTTPS. Its not possible directly from the load balancer but you can set it up from your backend service.
The Google Cloud load balancer will set the X-Forwarded-Proto http header with either the value http or https. You check this header in your backend service (in our case Varnish but this could also be done in Nginx) and if the value is http then you send back a 301.


No comments:

Post a Comment

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...