How To Disable Chronograf HTTP

After configuring Chronograf to use TLS / HTTPS, I am seeing an HTTP site served with the following content:

Since HTTPS is working, is there a specific reason Chronograf is serving an HTTP site still?

My end goal is to have http://localhost:8888 either redirect to https://localhost:8888, or have it display a 404.

Thank you all in advance!

After re-reading the documentation, checking the Slack workspace, and reviewing any open issues in GitHub, this appears to be a bug.

My workaround was to use a reverse proxy to handle the site.

Could you open a new issue for this?

I looked into this a bit more, it appears to be a quirk of the Go HTTP server. This issue is discussed in depth in go/issues/23689 and has been addressed with Go 1.12, the server now replies with the following HTTP response:

HTTP/1.0 400 Bad Request

Client sent an HTTP request to an HTTPS server.

This means that Chronograf would only need recompiled with Go 1.12 to get this new behavior. This wouldn’t give you a redirect to HTTPS, it doesn’t appear that this response is configurable with the Go server. So I think the reverse proxy is still something you will want, but it would still be good to create a Chronograf issue.

Thanks daniel!

Issue submitted: Disable Chronograf HTTP

For anyone else setting up a reverse proxy, it’s important to use $BASE_PATH to ensure relative URLs are handled properly.