Skip to content

Server silently falls back to HTTP when HTTPS is requested but certificates are missing #1634

Open
Bug
Open
Server silently falls back to HTTP when HTTPS is requested but certificates are missing#1634
Bug
Assignees
kmcginnes
Labels
bugSomething isn't workinginfrastructuresecurityIssues related to security
Milestone
Release v3.0.1
@kmcginnes

Description

@kmcginnes
kmcginnes
opened on Apr 3, 2026

Description

When a user sets PROXY_SERVER_HTTPS_CONNECTION=true, they expect the server to run over HTTPS. However, if the TLS certificate is missing or fails to generate, the server silently falls back to HTTP with no warning. A user who explicitly opted into HTTPS could unknowingly be served over plaintext.

There are two layers where this happens:

  1. docker-entrypoint.sh: The openssl commands that generate the self-signed certificate do not have their exit codes checked. If any step fails, the script continues and starts the Node server anyway. Additionally, the existing cert file checks have syntax bugs (missing spaces before ]) that cause the conditionals to always fail.

  2. node-server.ts: The useHttps logic silently downgrades to HTTP when cert files are missing:

    const useHttps =
  env.PROXY_SERVER_HTTPS_CONNECTION &&
  fs.existsSync(certificateKeyFilePath) &&
  fs.existsSync(certificateFilePath);

    If the files do not exist, the server starts on HTTP without any error or warning.

Environment

  • All environments (Docker, local dev, SageMaker)
  • All browsers
  • All Graph Explorer versions with HTTPS support
  • All graph databases

Steps to Reproduce

  1. Set PROXY_SERVER_HTTPS_CONNECTION=true
  2. Ensure no certificate files exist at the expected paths (or corrupt the openssl generation)
  3. Start the server
  4. Observe the server starts on HTTP with no error

Expected Behavior

When HTTPS is explicitly requested, the server should either start with HTTPS or refuse to start entirely with a clear error message. A fail-closed approach:

  • node-server.ts: When PROXY_SERVER_HTTPS_CONNECTION=true but cert files are missing, log a clear error and exit with a non-zero code instead of falling back to HTTP.
  • docker-entrypoint.sh: Check exit codes of openssl commands and abort if certificate generation fails. Fix the syntax bugs in cert file existence checks.

Important

If you are interested in working on this issue, please leave a comment.

Tip

Please use a 👍 reaction to provide a +1/vote. This helps the community and maintainers prioritize this request.

Metadata

Metadata

Assignees

Labels

bugSomething isn't workinginfrastructuresecurityIssues related to security

Type

Bug

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions