Redirect Kong non SSL to SSL

Hey

So we have the following architecture to run our main website + APIs using Docker.

Kong Docker Container is on top of the following containers (Proxy) all the Kong API’s/Endpoints have Forced SSL to connect.

• CMS (Homepage URL: example. com.)
• Ecommerce (Homepage URL: example. com/ecommerce)
• Ecommerce API (Homepage URL: api.example. com/ecommerce)

So what I need to do is redirect example. com (non-SSL/HTTP) to https:// example. com
What I have tried right now is
create a custom nginx template

`
# ---------------------
# custom_nginx.template
# ---------------------

worker_processes ${{NGINX_WORKER_PROCESSES}}; # can be set by kong.conf
daemon ${{NGINX_DAEMON}};                     # can be set by kong.conf

pid pids/nginx.pid;                      # this setting is mandatory
error_log logs/error.log ${{LOG_LEVEL}}; # can be set by kong.conf

events {
    use epoll; # custom setting
    multi_accept on;
}

http {
    # include default Kong Nginx config
    include 'nginx-kong.conf';

    server {
	listen 80 default_server;
        listen [::]:80 default_server;
        server_name _;
        return 301 https://$host$request_uri;
    }
}

and then start kongkong start --nginx-conf nginx_custom.template`

So even after this kong still does not redirect http: // example.com to https: // example.com

That is not a custom template. Custom template is like this:

That template does look valid to me. If no changes is required to the nginx-kong.conf sub-configuration, there are no reasons to override it in the nginx configuration template.

Thibault, correct but it then breaks the config file / ENV vars, e.g. changes to listen etc. don’t have effect.

How would you suggest then the redirection to happen ? I don’t really know LUA.

Those should still work (ENV vars are picked from the CLI before it outputs nginx.conf and nginx-kong.conf, and the CLI will also use the default template with all substitution variables before writing it to nginx-kong.conf, which this template then includes)

@gauravh Have you looked into this issue?

It describes common “gotchas” with the server block you defined, and also has a link to a plugin that claims to be doing the same.

So even after this kong still does not redirect http: // example.com to https: // example.com

If none of the above works, please post the output of your commands here so we can help you, otherwise we cannot guess for you what is going wrong

Oh, didn’t know it, but makes sense. Thanks for correcting me (twice).

well i haven’t really got an error from kong. So here’s what I tried so far
I made the custom nginx template.
Stopped Kong. (kong stop)
Started kong with the custom nginx conf (kong start --nginx-conf nginx_custom.template)

Kong started without any errors. Now when I try navigating over to

http: //domain. com it will still not redirect my request to https: // domain .com

Another option to avoid modifications of kong configuration template is to use the pre-function plugin (https://docs.konghq.com/hub/kong-inc/serverless-functions/) with the following function attached to a route or a service

local scheme = kong.request.get_scheme()
if scheme == "http" then
  local host = kong.request.get_host()
  local query = kong.request.get_path_with_query()
  local url = "https://" .. host ..query
  kong.response.set_header("Location",url)
  return kong.response.exit(302,url)
end

Hello!

An update on this topic: we are working on a native way of supporting HTTP to HTTPs redirects. You can follow the PR here:

We decided to introduce a new Route attribute, https_redirect_status_code, which, in the event of an HTTP request onto an HTTPS only Route, will determine the behavior followed by Kong (reject the request with HTTP 426, or redirect with HTTP 301/302, etc…). It is currently scheduled for inclusion in Kong 1.2.