I am trying to set up a TLS connection from my Angular app to Kong to proxy my Node backend services. I cannot successfully get an HTTPS connection to port 8443 on Kong, although everything works fine on the HTTP session on port 8000. The code for the Kong docker-compose startup is below:
kong:
  image: kong:latest
  restart: always
  environment:
    KONG_PG_HOST: kong-database
    KONG_PROXY_LISTEN: 0.0.0.0:8000
    KONG_PROXY_LISTEN_SSL: 0.0.0.0:8443
    KONG_ADMIN_LISTEN: 0.0.0.0:8001
    KONG_SSL: "on"
    KONG_SSL_CERT: /certs/minica.pem
    KONG_SSL_CERT_KEY: /certs/minica.key
  depends_on:
    - kong-database
  healthcheck:
    test: ["CMD", "curl", "-f", "http://kong:8001"]
    interval: 5s
    timeout: 2s
    retries: 15
  volumes:
    - /Users/jamesbissett/repo/backend/infra/kong/logs:/usr/local/kong/logs
    - /Users/jamesbissett/Documents/GitHub/minica:/certs
  ports:
    - "8001:8001"
    - "8000:8000"
    - "8443:8443"
When I try the URL with Insomnia, I get the following results:
* Preparing request to https://kong:8443/check
* Using libcurl/7.64.1 (SecureTransport) LibreSSL/2.8.3 zlib/1.2.11 nghttp2/1.39.2
* Current time is 2020-01-06T12:47:00.336Z
* Disable timeout
* Enable automatic URL encoding
* Disable SSL validation
* Enable cookie sending with jar of 0 cookies
* Hostname kong was found in DNS cache
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to kong (127.0.0.1) port 8443 (#129)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
* CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to kong:8443
* Closing connection 129
The above URL resolves and proxies to the correct service with HTTP on port 8000. I am at a loss as to where to look next; any help would be appreciated. I would also like to connect the admin port through SSL as well to secure this communication (everything works fine currently on port 8001).