Question

Is it possible to disable the automatic HTTPS for Apps and stop offloading?

Posted November 6, 2021 92 views
SecurityDigitalOcean App Platform

I have created an App instance using a Docker image which does its own TLS (with auto renewal etc.). Deploying was successful, but then it occurred to me that it is not possible to disable the automatic TLS/HTTPS on the reverse proxy used for Apps?

Right now, I get the error that “HTTP traffic was send to HTTPS”. This means that the reverse proxy is doing offloading of HTTPS and send traffic plain (insecure) to the Apps.

This makes the Apps Platform not as secure as it seems. It must be possible to have Client to App without offloading. If there is a configuration I have missed, that would be great.
Or I have to setup my own reverse-proxying in Kubernetes? (bit much for the App hehe)

Cheers,
Geert

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

Hey @geertjmvdk,

Currently in App Platform it isn’t possible to disable HTTPS with the built in SSL provided in App Platform. It sounds like you are looking to do SSL passthrough to your app rather then the default SSL termination. We don’t support this currently and I would suggest adding that to our Ideas Page. In the meantime a Kubernetes or droplet setup would be needed to use that.

Hope it helps!
Nate

  • Thanks Nate.

    Yes, “termination” I meant, or “passthrough”. Seeing how unnecessary complicated it is in k8s, I can see why it is not supported right now.

    I will go the k8s path, and figure out the passthrough, or give up and accept termination by the middleware/man.

    Cheers,
    Geert