dcos cli forces insecure port during login

Description

Apologies if this is a duplicate but I couldn't find one. I believe this is a security issue.

I setup a DCOS cluster in AWS and disabled the insecure (HTTP) port that it uses at the ELB. I have an HTTPS port open with a valid (AWS) cert.

Ran: dcos config set core.dcos_url https://dcos1.<domain>.com/
Followed by: dcos auth login

Went to link and got a token no problem. But when I pasted it in response to the "Enter OpenID Connect ID Token:" prompt, I get an error:

URL https://dcos1.<domain>.com/exhibitor/ is unreachable: HTTPConnectionPool(host='dcos1.<domain>.com', port=80): Max retries exceeded with url: /exhibitor/exhibitor/v1/ui/index.html (Caused by NewConnectionError('<requests.packages.urllib3.connection.HTTPConnection object at 0x10402f4a8>: Failed to establish a new connection: [Errno 61] Connection refused',))

Note port=80 which is incorrect. There should be no authentication attempt to port 80, only 443.

dcos --version
dcoscli.version=0.4.14
dcos.version=1.7-open
dcos.commit=14509fe1e7899f439527fb39867194c7a425c771
dcos.bootstrap-id=3a2b7e03c45cd615da8dfb1b103943894652cd71

Activity

Show:
TB
January 27, 2017, 9:46 PM

thanks for the report. Can you post the output of `dcos --log-level=debug auth login` and `dcos config show` please? Thanks!

Assignee

TB

Labels

Components