@Ibone
I have checked the link - here is some more information:
-The health check is using https protocol on 443.
-When I change the health check success code to 301 - it starts to show as healthy- this does not feel like a good way to use the health check so I continue with how to setup the bitnami.conf to correctly return code 200 for the health check.
-When I run the curl -lvk command with the following results:
- Trying X.X.X.X…
- Connected to X.X.X.X (X.X.X.X) port 443 (#0)
- ALPN, offering http/1.1
- Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
- error setting certificate verify locations, continuing anyway:
- CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
- TLSv1.2 (OUT), TLS header, Certificate Status (22):
- TLSv1.2 (OUT), TLS handshake, Client hello (1):
- TLSv1.2 (IN), TLS handshake, Server hello (2):
- TLSv1.2 (IN), TLS handshake, Certificate (11):
- TLSv1.2 (IN), TLS handshake, Server key exchange (12):
- TLSv1.2 (IN), TLS handshake, Server finished (14):
- TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
- TLSv1.2 (OUT), TLS change cipher, Client hello (1):
- TLSv1.2 (OUT), TLS handshake, Finished (20):
- TLSv1.2 (IN), TLS change cipher, Client hello (1):
- TLSv1.2 (IN), TLS handshake, Finished (20):
- SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
- ALPN, server accepted to use http/1.1x
- Server certificate:
-
subject: OU=Domain Control Validated; OU=PositiveSSL; CN=www.devblockdrop.tech
-
start date: Sep 11 00:00:00 2019 GMT
-
expire date: Dec 9 23:59:59 2020 GMT
-
issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA
-
SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
HEAD /health-check HTTP/1.1
Host: X.X.X.X
User-Agent: curl/7.45.0
Accept: /
< HTTP/1.1 301 Moved Permanently
HTTP/1.1 301 Moved Permanently
< Date: Tue, 15 Sep 2020 07:04:19 GMT
Date: Tue, 15 Sep 2020 07:04:19 GMT
< Server: Apache
Server: Apache
< X-Frame-Options: SAMEORIGIN
X-Frame-Options: SAMEORIGIN
< Location: 'https://www.X.X.X.X/health-check
Location: 'https://www.X.X.X.X/health-check
< Content-Type: text/html; charset=iso-8859-1
Content-Type: text/html; charset=iso-8859-1
-AS you can see above, the issue is the HTTP/1.1 301 Moved Permanently which is causing the heath check to fail when the success code is set to 200.
-so i found this article to setup a bypass for the url:
using this:
RewriteCond %{HTTP_HOST} !^www.example.com$ [NC]
RewriteCond %{REQUEST_URI} !^/health-check$
RewriteRule ^ 'http://www.example.com/$1 [R=301,L]
and setting the health check path to /health-check
unfortunately, this does not seem to work for me- i cannot get the code 200 for my healthcheck at path /health-check using both http and https types of health check- the curl command still returns the 301 result
perhaps there is something missing in my config to get the bypass to work