GP DR
10/11/2023, 8:17 PMMixed Content: The page at '<https://cerbos.example.com/#get-/admin/auditlog/list/-kind->' was loaded over HTTPS, but requested an insecure resource '<http://cerbos.example.com/admin/auditlog/list/>'. This request has been blocked; the content must be served over HTTPS.
onTryClick @ api-request.js:1143
handleEvent @ rapidoc-min.js:2
But, when I will add:
tls:
cert: generated_by_caddy.crt
key: generated_by_caddy.key
To config of Cerbos, then I will can't see Admin dashboard at all, instead I will get an error: 400 (Bad Request)
with the body: Client sent an HTTP request to an HTTPS server.
What is strange for me. I can't understand what is a Client and what is the Server in this case.
In my browser I have https - and the cert is valid. Caddy always using TLS. Cerbos is set to use TLS, the same cert, what Caddy is using.
I have problem to troubleshot this by myself. I was googled, but is not too much, and most of them is about wrong configured traefic (not enabled TLS), but Caddy have TLS enabled by default, and I do not turn it off - and I can see in the browser, that is works correctly.
This all is in Docker, and I think there can be the source of the problem, but can't find any helpful info.
Would someone be able to help me?Dennis (Cerbos)
Dennis (Cerbos)
GP DR
10/11/2023, 10:47 PMcerbosctl
, (btw. server flag require to provide a port, which in case like this, the port no need to be defined as domain listen only on one port)
As I understand that the dashboard is not for the production (btw CLI as well isn't?), I think is much more convenient to use than CLI, as CLI needs a flags with every request what is not a convenient way in my opinion, I'm not sure but there is also no completions available for terminal. Let me know if I'm wrong, as I can't yet wrap my head around it.
After reading website/docs I was thinking that Cerbos will be easy and straight forward for me. But when I get a hands dirty a bit, I have problems on every each step.
At least I got it to work without TLS at all, so at least I can play a bit more with it.Dennis (Cerbos)
Charith (Cerbos)
GP DR
10/12/2023, 11:06 PM