-
-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Missing support for RPC API over HTTPS #10539
Comments
Thank you for reporting this bug. Indeed, The Line 357 in 091bc08
likely does not include protocol, just host, and Potential quick fix is to make sure kubo/cmd/ipfs/kubo/start.go prepends @ze42 would you have time to open PR with a fix? |
@lidel I’m new to this repository, but I believe this fix requires a small change, and I would like to contribute to it. Can I take this? |
@Sairaviteja27 sure, submit PR once you have something ready for review 👍 |
Hi, Just wanted to share an update. I was occupied with some personal work and initially faced a few challenges due to the earlier version. However, I updated to the latest version (0.32.1) and tried to reproduce the issue, but I didn't encounter any errors. Next, I will try downgrading my IPFS version to check if the issue persists and also investigate further by cloning the repository. |
After some investigation, I found that if I prepend
This would allow the client to send HTTPS requests, but additional changes may be needed for handling HTTPS responses. When I tried this, I encountered the error: @lidel @gammazero |
Sorry, but does it work or not in the latest version? |
Hi, I initially connected with latest version using 5001 and random ports such as 8182 without encountering any errors, but the RPC calls worked only over HTTP, not HTTPS. The issue became apparent when I attempted to use standard ports (443, 80) on the remote node. Since these ports were already in use, I couldn’t run IPFS on these ports there. After replicating the environment with a version downgrade, I observed the same behavior. It seems the OP's concern was making RPC calls over HTTPS, which might require changes as mentioned in my previous comment. |
* fix(cli): support HTTPS in ipfs --api Closes #10539 * chore: go-ipfs-cmds v0.14.1 https://github.com/ipfs/go-ipfs-cmds/releases/tag/v0.14.1 * docs: ipfs --api example * test(cli): https rpc support makes sure we dont have regression where HTTPS endpoint starts getting cleartext requests (cherry picked from commit 3b098b9)
Checklist
Installation method
ipfs-update or dist.ipfs.tech
Version
Config
(probably not relevant) {"API":{"HTTPHeaders":{}},"Addresses":{"API":"/ip4/127.0.0.1/tcp/5001","Announce":[],"AppendAnnounce":[],"Gateway":"/ip4/127.0.0.1/tcp/8080","NoAnnounce":[],"Swarm":["/ip4/0.0.0.0/tcp/4001","/ip6/::/tcp/4001","/ip4/0.0.0.0/udp/4001/quic-v1","/ip4/0.0.0.0/udp/4001/quic-v1/webtransport","/ip6/::/udp/4001/quic-v1","/ip6/::/udp/4001/quic-v1/webtransport"]},"AutoNAT":{},"Bootstrap":["/dnsaddr/bootstrap.libp2p.io/p2p/QmNnooDu7bfjPFoTZYxMNLWUQJyrVwtbZg5gBMjTezGAJN","/dnsaddr/bootstrap.libp2p.io/p2p/QmQCU2EcMqAqQPR2i9bChDtGNJchTbq5TbXJJ16u19uLTa","/dnsaddr/bootstrap.libp2p.io/p2p/QmbLHAnMoJPWSCR5Zhtx6BHJX9KiKNN6tpvbUcqanj75Nb","/dnsaddr/bootstrap.libp2p.io/p2p/QmcZf59bWwK5XFi76CZX8cbJ4BhTzzA3gU1ZjYZcYW3dwt","/ip4/104.131.131.82/tcp/4001/p2p/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ","/ip4/104.131.131.82/udp/4001/quic-v1/p2p/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ"],"DNS":{"Resolvers":{}},"Datastore":{"BloomFilterSize":0,"GCPeriod":"1h","HashOnRead":false,"Spec":{"mounts":[{"child":{"path":"blocks","shardFunc":"/repo/flatfs/shard/v1/next-to-last/2","sync":true,"type":"flatfs"},"mountpoint":"/blocks","prefix":"flatfs.datastore","type":"measure"},{"child":{"compression":"none","path":"datastore","type":"levelds"},"mountpoint":"/","prefix":"leveldb.datastore","type":"measure"}],"type":"mount"},"StorageGCWatermark":90,"StorageMax":"10GB"},"Discovery":{"MDNS":{"Enabled":true}},"Experimental":{"FilestoreEnabled":false,"Libp2pStreamMounting":false,"OptimisticProvide":false,"OptimisticProvideJobsPoolSize":0,"P2pHttpProxy":false,"StrategicProviding":false,"UrlstoreEnabled":false},"Gateway":{"DeserializedResponses":null,"DisableHTMLErrors":null,"ExposeRoutingAPI":null,"HTTPHeaders":{},"NoDNSLink":false,"NoFetch":false,"PublicGateways":null,"RootRedirect":""},"Identity":{"PeerID":"12D3KooWHmUkKz2ys3uQpNStsCwDP7DBpvPMMF4182KsBQ55xb1A"},"Internal":{},"Ipns":{"RecordLifetime":"","RepublishPeriod":"","ResolveCacheSize":128},"Migration":{"DownloadSources":[],"Keep":""},"Mounts":{"FuseAllowOther":false,"IPFS":"/ipfs","IPNS":"/ipns"},"Peering":{"Peers":null},"Pinning":{"RemoteServices":{}},"Plugins":{"Plugins":null},"Provider":{"Strategy":""},"Pubsub":{"DisableSigning":false,"Router":""},"Reprovider":{},"Routing":{"Methods":null,"Routers":null},"Swarm":{"AddrFilters":null,"ConnMgr":{},"DisableBandwidthMetrics":false,"DisableNatPortMap":false,"RelayClient":{},"RelayService":{},"ResourceMgr":{},"Transports":{"Multiplexers":{},"Network":{},"Security":{}}}}
Description
When trying to connect to a distant API over
https
, it fails and try to connect withhttp
.When checking logs from the RP we have in place receiving the request, we see
"scheme": "http"
.When trying to access directly the same URL with curl and
https
, it works properly.The text was updated successfully, but these errors were encountered: