Issue
Spring Boot 2.2 application with springdoc-openapi-ui (Swagger UI) runs HTTP port. The application is deployed to Kubernetes with Ingress routing HTTPS requests from outside the cluster to the service.
In this case Swagger UI available at https://example.com/api/swagger-ui.html
has wrong "Generated server url" - http://example.com/api
. While it should be https://example.com/api
.
While Swagger UI is accessed by HTTPS, the generated server URL still uses HTTP.
Solution
springdoc-openapi
FAQ has a section How can I deploy the Doploy springdoc-openapi-ui
, behind a reverse proxy?.
The FAQ section can be extended.
Make sure X-Forwarded headers are sent by your proxy (X-Forwarded-For
, X-Forwarded-Proto
and others).
If you are using Undertow (spring-boot-starter-undertow
), set property server.forward-headers-strategy=NATIVE
to make a Web server natively handle X-Forwarded headers. Also, consider switching to Undertow if you are not using it.
If you are using Tomcat (spring-boot-starter-tomcat
), set property server.forward-headers-strategy=NATIVE
and make sure to list IP addresses of all internal proxies to trust in the property server.tomcat.internal-proxies=192\\.168\\.\\d{1,3}\\.\\d{1,3}
. By default, IP addresses in 10/8, 192.168/16, 169.254/16 and 127/8 are trusted.
Alternatively, for Tomcat set property server.forward-headers-strategy=FRAMEWORK
.
Useful links:
- Running Behind a Front-end Proxy Server
- Customize Tomcat’s Proxy Configuration
- ServerProperties.ForwardHeadersStrategy
Answered By - Eugene Khyst
Answer Checked By - Marie Seifert (JavaFixing Admin)