https client error on valid certificate #782

Open
@coolaj86


I have an incoming request for mydomain.com which I want to proxy on the private network to 10.0.10.5.

```javascript
  return function (req, res, next) {
    var proxy = httpProxy.createProxyServer();

    proxy.web(req, res, {
      target: {
        protocol: 'https:'
      , hostname: '10.0.10.5'
      , port: '8443'
      , ca: caArr
      }
    // for testing only
    //, secure: false
    });
  };
```

It fails with this error:

[Error: Hostname/IP doesn't match certificate's altnames]

I find that a little weird because the certificate does match mydomain.com. But for some reason it doesn't like that I'm accessing it as 10.0.10.5. I would have thought that the fact that the Host header is set correctly to mydomain.com would have made addressing it directly by IP not an issue.

However, if I manually edit /etc/hosts on the web-facing mydomain.com so that it sees mydomain.com as 10.0.10.5 like this, it works:

```javascript
  return function (req, res, next) {
    var proxy = httpProxy.createProxyServer();

    proxy.web(req, res, {
      target: {
        protocol: 'https:'
      , hostname: 'mydomain.com'
      , port: '8443'
      , ca: caArr
      }
    });
  };
```

The best thing I can think of to do (aside from secure: false, which I do not want to do) is to give a subdomain proxyable.mydomain.com and on the server that receives the request I just strip out proxyable before the vhost middleware gets a chance to handle it (otherwise the json api might return strings with proxyable.mydomain.com back out to the user and cause api problems in the web interface).

Is there an option that can be passed to tell it to verify against the Host header instead of the hostname?
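Added example, not part of the original post and not http-proxy's own code: Node's TLS client checks the certificate against the name it dialed, not the `Host` header, which is why the IP target fails. The sketch below uses only Node core options (`servername`, `checkServerIdentity`) to dial an IP while still verifying the certificate against the expected name; the helper names and certificate objects are constructed for illustration, and whether http-proxy forwards these options to `https.request` is an assumption the page does not confirm.

```javascript
// Added example: Node core TLS APIs only (not http-proxy options).
const tls = require('tls');

// Constructed certificate objects in the shape returned by
// tlsSocket.getPeerCertificate(); these are not real certificates.
const backendCert = {
  subject: { CN: 'mydomain.com' },
  subjectaltname: 'DNS:mydomain.com'
};
const otherCert = {
  subject: { CN: 'other.example' },
  subjectaltname: 'DNS:other.example'
};

// Default behaviour: the certificate is checked against the name that
// was dialed. Returns undefined on a match, an Error otherwise.
function verifyDialedName(dialedHost, cert) {
  return tls.checkServerIdentity(dialedHost, cert);
}

// Hypothetical helper: build https.request() options that connect to an
// IP address but pin certificate verification (and SNI) to the name the
// backend's certificate is expected to carry. Chain validation against
// `ca` stays enabled because rejectUnauthorized is left at its default.
function pinnedTargetOptions(ip, port, expectedName, ca) {
  return {
    host: ip,
    port: port,
    ca: ca,
    servername: expectedName,
    headers: { host: expectedName },
    // Ignore the dialed host and always verify against expectedName.
    checkServerIdentity: function (_dialedHost, cert) {
      return tls.checkServerIdentity(expectedName, cert);
    }
  };
}

const opts = pinnedTargetOptions('10.0.10.5', 8443, 'mydomain.com', []);

// Dialing the IP fails the default check: the cert has no IP SAN.
console.log(verifyDialedName('10.0.10.5', backendCert) instanceof Error);
// The pinned check accepts the expected certificate...
console.log(opts.checkServerIdentity('10.0.10.5', backendCert) === undefined);
// ...and still rejects a certificate issued for another name.
console.log(opts.checkServerIdentity('10.0.10.5', otherCert) instanceof Error);
```

Unlike `secure: false`, this keeps both chain validation and name validation; only the name being compared changes.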
