I have an issue using HTTPS to access an ASP.NET OData endpoint. The ASP.NET site is hosted via OWIN. I am using the NuGet package Microsoft.AspNet.WebApi.OData for the OData (v3) part. The SSL termination takes place outside of the server in a separate load balancer.
Accessing the OData endpoints with a REST-client (e.g. Postman) works fine: https://api.my-domain.com/odata/v3
But when I use an OData-client (e.g. Excel or PowerBI), the access fails with the generic message, that the host forcibly closed the connection.
Further I found that when I access the endpoint https://api.my-domain.com/odata/v3 via Postman, I receive some XML metadata, which refers to the normal http endpoint (see below snippet), which is blocked by the LB.
<?xml version="1.0" encoding="utf-8"?>
<service xml:base="http://api.my-domain.com/odata/v3" xmlns="http://www.w3.org/2007/app" xmlns:atom="http://www.w3.org/2005/Atom">
<workspace>
...
Further I sniffed the traffic from Excel/PowerBI with Wireshark and found that the clients are using the normal http endpoint (as shown in above metadata) after the initial request with https. I am not familiar with the OData protocol details, but I guess the clients are determining the address by the metadata.
For validation I unblocked port 80 in the LB and voila, Excel/PowerBI can successfully connect, regardless if I use http or https for the initial request.
But how to solve this issue (I don't want to allow traffic on http). Is it possible to instruct the ASP.NET OData middleware to generate metadata with https URIs?
