
There is mismatch between HTTPS indicated on the server and client

This is the warning when I open my phpMyAdmin's login (index) page:

There is mismatch between HTTPS indicated on the server and client.
This can lead to non working phpMyAdmin or a security risk.
Please fix your server configuration to indicate HTTPS properly.

The error should be caused by a loadbalancer in between my client and phpmyadmin itself. SSL terminates on the loadbalancer so the URL being used (that phpmyadmin receives in request headers, I assume) is https://mydomain/phpmyadmin.

The loadbalancer communicates with phpmyadmin via http, so the URL being used between lb and pma is http://mydomain/phpmyadmin (not https).

I found this very fitting article on github: Possibility to deactivate SSL connection #170 which is for Docker containers and describes an env var to be passed to the container called "PMA_ABSOLUTE_URI" to fix the problem.

Which setting would this be in phpmyadmin NON Docker?

Any other solution to my problem is also highly appreciated.

Sidenote: Phpmyadmin works fine after the login. You can log in, there are no warnings after the log in and you can perform all interactions without problems. I am just worried about the warning.

Worp asked Jun 18 '19 19:06


1 Answer

I have exactly the same setup as you are describing. A front load balancer acts as reverse proxy and also as SSL/TLS terminator. The LB talks in plain http with the backend server where phpMyAdmin is running.

When I upgraded from 4.0.4.1 to 4.9.0.1 I got the same warning appearing at the phpMyAdmin login screen as you. I was able to solve this on the reverse proxy by "faking" the protocol from http to https. In my case my reverse proxy is an Nginx web server and just before I'd pass to the backend server, I added X-Forwarded-Proto:

server {
  listen 443;
  server_name my.phpmyadmin.example.com;

  # [... log and ssl settings ...]

  location / {
    include /etc/nginx/proxy.conf;
    # Tell the backend that the client-to-proxy connection used HTTPS
    proxy_set_header X-Forwarded-Proto https;
    proxy_pass http://backendserver;
  }
}

Adding proxy_set_header X-Forwarded-Proto https; tells the backend server that the client to proxy communication happens over https. Without setting this header, phpMyAdmin probably identifies (not sure, just a guess) that it was loaded on an https:// URL yet the communication (between reverse proxy and phpMyAdmin server) happened over http. Therefore it's a correct warning to be shown.

As soon as Nginx was reloaded, the warning disappeared from the phpMyAdmin login screen.

Claudio Kuenzler answered Sep 17 '22 05:09
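
An added example, not part of the original answer and not phpMyAdmin's own code: a small Python model of the setup described above, where the backend infers the client's scheme from X-Forwarded-Proto and a disagreement with the browser's scheme is the condition behind the warning. Going beyond the answer, it accepts the header only when the request comes from the load balancer; the 10.0.0.0/24 range, the function names and the sample requests are constructed assumptions.

```python
import ipaddress

# Assumption: address range of the TLS-terminating load balancer (constructed value).
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/24")]


def effective_scheme(peer_ip, headers, backend_scheme="http"):
    """Scheme the backend should believe the client used.

    X-Forwarded-Proto is honoured only when the TCP peer is a trusted proxy;
    otherwise any client could claim HTTPS on a plain-HTTP connection.
    """
    peer = ipaddress.ip_address(peer_ip)
    from_proxy = any(peer in net for net in TRUSTED_PROXIES)
    # Header names are case-insensitive; normalise before the lookup.
    lowered = {k.lower(): v for k, v in headers.items()}
    # With chained proxies the header can be a comma-separated list.
    forwarded = lowered.get("x-forwarded-proto", "").split(",")[0].strip().lower()
    if from_proxy and forwarded in ("http", "https"):
        return forwarded
    return backend_scheme


def https_mismatch(client_scheme, peer_ip, headers):
    """True when browser and backend disagree about HTTPS."""
    return client_scheme != effective_scheme(peer_ip, headers)


# Constructed requests as the backend sees them:
# (label, scheme in the browser's address bar, TCP peer, request headers)
SAMPLES = [
    ("LB without header", "https", "10.0.0.5", {"Host": "mydomain"}),
    ("LB with header", "https", "10.0.0.5", {"X-Forwarded-Proto": "https"}),
    ("direct client, spoofed header", "http", "203.0.113.9",
     {"X-Forwarded-Proto": "https"}),
]


def run_samples():
    return {name: https_mismatch(c, ip, h) for name, c, ip, h in SAMPLES}


if __name__ == "__main__":
    for name, mismatch in run_samples().items():
        print(f"{name}: {'MISMATCH' if mismatch else 'ok'}")
```

The first sample reproduces the situation in the question, the second the state after the proxy sets the header, and the third shows the header being ignored when it does not arrive via the load balancer.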