Dear all,
i am having again trouble with the vCenter VCSA 6.5.
I got a working set of a config file which does work. Yet not in the way i wanted it to.
This is my config so far.
myproxy.my-url.com:443
header / Strict-Transport-Security "max-age=31536000;"
# This is for https://www.chromium.org/hsts
log {{ caddy_log_path }}/access.log
errors {{ caddy_log_path }}/error.log
# For debugging (shows errors to the client directly)
# errors visible
tls {
load {{ caddy_ssl_certificates_path }}
}
proxy /vsphere-client https://vcsa.my-url.com/vsphere-client/?locale=en {
transparent
without /vsphere-client
}
proxy / https://vcsa.my-url.com/ui?locale=de {
#transparent
# does not work with transparent because of internal sso rewrites
}
What i want is also a transparent proxy in front also for the UI part.
The vsphere-client (Old, Flash) works perfectly this way.
No customer is seeing the URL of the VCSA itself.
While with the UI, it does some nasty internal rewrites with /saml/websso/sso or /websso/SAML2/SSO.
When i use “without /ui” it ends up in an invinite loop.
With filter or rewrite i was not lucky. Yet i think it did something very wrong.
All the few examples on docs or github are not really helpfull in this case.
Maybe you (the community) has any help on that front?
What i need is a transparent proxy also for the UI, so that our customers won’t see the URL of the vcsa.
Which is now the case. The working directly on the vcsa with this config for the UI.
Thx.