WSDL Soap Address location is HTTP instead of HTTPS

0
We have several applications running on a on-premise installation. Our servers are all running on Microsoft Windows Server and use IIS to serve the mendix applications to the outside world. All the applications are deployed\installed according to the available deployment guide, https://docs.mendix.com/howto6/deploy-mendix-on-microsoft-windows. All the applications are served over a https connection for obvious security reasons. This secure connection is handled by IIS. The connection between IIS and the mendix application is based on plain HTTP, because that is all internall traffic. The application are all running fine and working normally. There is only one thing that's causing confusion and discussion with partners that connect to our applications via webservices. That thing is that the generated WSDL's, are pointing to an HTTP (so plain connection, that is even not active) soap address, instead of the desired https connection. See the screenshot below for an example. You can see that the endpoint is set to HTTP instead of HTTPS. For the record, I created this screenshot from a HTTPS page, https://xxxxx.nl/ws-doc/ExcelImporterTemplateXSD?wsdl. I can imagine that this behaviour is a bit logical, because although the connection between the client and IIS is secure, the connection between IIS en the mendix application isn't. So maybe that is why the WSDL generator returns an plain HTTP address. However, maybe somebody knows a java parameter or something, to force the WSDL generator to always use HTTPS, nevertheless  what the requesting url is. Or maybe I am all wrong and I did something else incorrect that causes his behaviour.
asked
4 answers
4

You could try to change the public application root url in the Mendix Service console. I thought that that setting is used to create those endpoint URL's. You might want to set that to https://yourapp.intermediad.nl.

 

When that doesn't work and no one else on the forum has an idea I would recommend you to file a support ticket to fix this.

answered
2

The locations in the WSDL are based on the host header in the HTTP request. Have you configured IIS to pass host headers to Mendix?

For a description of how to do that, see:
https://docs.mendix.com/howto7/deploy-mendix-on-microsoft-windows#6-preserving-the-host-header

answered
0

Try this. I believe you need to add this header:

X-Forwarded-Scheme: https

to all calls forwarded from your SSL endpoint to the Mendix runtime, so that it knows it's running in an HTTPS environment.

answered
0

Hi Eric, thanks for you reply. It sounds good! I will test it and come back with the results. First I need to figure out how to set this extra header before forwarding the request (My IIS knowledge has it's limitations).

answered