A lot of you already have installed Axon Ivy 10.0 and some of you on Windows systems with an IIS as reverse proxy. We always highly recommend to use HTTPS and we also prefer to terminate SSL on reverse proxy (e.g. IIS) level. This will give you more performance and a easier setup.
Terminating SSL with NGINX and Apache as reverse proxy is working properly with the currently documented approach:
But there is a problem with IIS. IIS does not set the HTTP Header X-Forwarded-Proto
when forwarding the request to the Axon Ivy Engine. I'll tell you how you can achieve this:
1) First of all. You need to import your certificate, if you don't have one, yet. You can also generate a self-signed certificate. This can be done here.
2) Now you need to enable HTTPS for your site by adding https
as binding. There you can select your certificate.
P.S. I recommend to remove the HTTP binding. To disable the access over HTTP.
3) Next step is to allow the server variable HTTP_X-Forwarded-Proto
. Go to your website and double click on URL Rewrite, click on View Server Variables on the right side and add HTTP_X-Forwarded-Proto
as server variable.
4) Last but not least, you need to set this HTTP header for your route. Go to your website, double click on Url Rewrite
, double click on your route (e.g. ivy-route-all
). And add the server variable X-Forwarded-Proto
, with the value https
.
Done. Your IIS should serve the Axon Ivy Engine properly over HTTPS.
Happy URL-rewriting!