'CRJZS0035E The OAuth signature is not valid' as error when using a reverse proxy
We are on RTC v4.07 and running on the default Apache Tomcat and we got this error:
CRJZS0035E The OAuth signature is not valid. An application might be configured incorrectly or the consumer secret might be mismatched.
when using a reverse proxy to forward network traffic from clients to CLM application servers.
Our topology is similar to that is discussed in the article https://jazz.net/wiki/bin/view/Deployment/UnderstandingReverseProxy:
Our reverse proxy listens on port 80 (HTTP) and 443 (HTTPS) and forwards the incoming traffic both to the application server port 9080 (HTTP).
We found the OAuth signature error above due to an incorrect URI construction by Jazz:
https://clm.example.org/jts/proxy?uri=http://clm.example.org/jts/discovery?type=http%253A%252F%252Fjazz.net%252Fns%252Fui%2523HomeMenu%26scope=includeExternal
It seems the proxy URI param does not preserve the initial protocol used by client (i.e., HTTPS instead of HTTP).
Do we have to maintain the protocol matching when forwarding from reverse proxy to application sever?
Thanks in advance.