Ok. So i have problems with my httponly. I have used kong behind a nginx. here is the nginx settings:
# HTTPS server block for api.xx.xx
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name api.xx.xx;
ssl_certificate /etc/nginx/cert/xx.pem; # Use absolute paths
ssl_certificate_key /etc/nginx/cert/xx.pem;
# ssl_client_certificate /etc/nginx/cert/origin_ca_rsa_root.pem;
# ssl_verify_client on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_pass https://127.0.0.1:8443;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_cache_bypass $http_upgrade;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cookie_path / "/; secure; HttpOnly";
xxxxx
When i have used this httponly coockie do not work, so either nginx or kong removes it. So i thought maybe we can run kong directly to cloudflare. So i have multiple subs as a records in cloudflare that directs to the same ip. If this is what i want to do, how to get kong to resolve the dns? so it gets the traffic for api.xx.xx?
So two questions here.
With nginx what should I do, i have tried with and without the httponly and a lot of otter settings, no httponly. Or should i run kong directly to the a record?