Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Ben 10 posts 121 karma points
    Aug 23, 2024 @ 04:50
    Ben
    0

    Umbraco, Kestrel and CloudFront

    I'm at a bit of a loss and wondering what everyone here is doing about this.

    It's been a while since I have hosted Umbraco sites, but I'm coming back to it. In the years since I last touched Umbraco (v8), I have changed a lot about how I host things. One of those things is putting the entire site behind CloudFront. I want the whole site behind CloudFront, not just media/static assets.

    This usually isn't too much of an issue with other projects, but Umbraco's now got this requirement that the back office requires HTTPS. Cool, I get it, but I don't need my hand held in this way.

    End goal:

    https <-> CloudFront <-> http <-> Kestrel <-> Umbraco.

    CloudFront serves everything as https, so really, CloudFront is wrapping the http coming from Kestrel. I guess Umbraco doesn't like this when opening the back office and is throwing this error:

    error:invalid_request
    error_description:The specified 'redirect_uri' is not valid for this client application.
    error_uri:https://documentation.openiddict.com/errors/ID2043
    

    Front-end of the site loads fine, though.

    I guess I could make Kestrel serve over https, but I'm not handling anything sensitive between these servers in AWS' data center and that's a lot of TLS encryption/decryption overhead for minimal benefit. Surely this has been considered?

    Anyone have similar issues? Are there some configuration switches to throw? TLS all the things, yes, but me no need like this.

  • Ben 10 posts 121 karma points
    Aug 23, 2024 @ 07:10
    Ben
    101

    Update: FIXED BY MY OWN RESEARCH.

    It appears that proxying is not exactly straightforward with v14, so I'm leaving a trail here for others.

    Edit your appsettings.json file to include the following:

    "WebRouting": {
        "UmbracoApplicationUrl": "https://xyz.com"
    },
    

    This NEEDS to live under Umbraco -> CMS -> WebRouting.

    If your application is still exhibiting this 2043 error, double-check that you have WebRouting at the correct level in the dictionary. (I had a mistake where I had added the above snippet under Umbraco -> CMS -> Global -> WebRouting.)

    Source info here: https://docs.umbraco.com/umbraco-cms/extending/health-check/guides/fixedapplicationurl

    And here: https://github.com/umbraco/Umbraco-CMS/issues/16179#issuecomment-2194142613

    Sweet lordie, praise the eternal spirits of Neils and Per Ploug!

  • Jakob Bagterp 13 posts 115 karma points c-trib
    Aug 27, 2024 @ 13:12
    Jakob Bagterp
    0

    I had this in my appsettings.json:

    {
        "Umbraco": {
            "CMS": {
                "WebRouting": {
                    "UmbracoApplicationUrl": "https://example.com/"
                }
            }
        }
    }
    

    But this actually caused my issue in my local development enviroment, and so I removed it. Now it's working, and I suppose UmbracoApplicationUrl should be used in the production settings appsettings.Production.json.

  • Ben 10 posts 121 karma points
    Aug 27, 2024 @ 16:36
    Ben
    0

    Yep, exactly! Good clarification!

  • Ben 10 posts 121 karma points
    Aug 23, 2024 @ 07:13
    Ben
    0

    Finally, as some tangental but related conversation, it's nice to be back working with Umbraco after several years. Being able to develop on my Mac with Rider is a great and productive experience.

    Serving with Kestrel on Linux feels silky smooth compared to what I remember with IIS.

Please Sign in or register to post replies

Write your reply to:

Draft