tl;dr, I'm running pgAdmin on a nonstandard ssl port and it breaks after first use.
Long version: I am currently running pgAdmin4 in server mode using the standard Apache configuration included with Debian 11 (installed via the pgAdmin instructions, pgadmin4-web and pgadmin4-server packages installed). The apache instance serves pgadmin over ssl on port 8443 (running a different tool on port 443) and we have a cloudflare reverse proxy in front of that that proxies on port 443 for a particular subdomain to port 8443 on our backend server. The first time I go to https://example.com/pgadmin4 and log in, pgAdmin loads as expected. However, if I log out and try to log back in, I briefly receive the pgAdmin loading animation followed by a blank white screen rather than the browser. If I watch the network tab of Chrome, I see 401 errors on the following requests:
- pgadmin4/preferences/get_all
- pgadmin4/browser/check_corrupted_db_file
- pgadmin4/misc/bgprocess/
Looking at the logs, I see the 401 errors being generated in the Apache logs on my backend server. Restarting the web server has no effect. If I then replace https://example.com/pgadmin4 with https://example.com:8443/pgadmin4 (ie I add the port of my Apache TLS port rather than the expected 443 that the Cloudflare reverse proxy expects) in my browser, pgAdmin will load again and work as expected. Due to the security limitations of our organization, I cannot directly connect to the backend VM on port 8443, only through the Cloudflare reverse proxy.
This seems like a bug with pgAdmin, but I'm wondering if anyone knows whether or not I missed a configuration option that would solve this.
My Apache config is as follows:
<VirtualHost *:8443> SSLEngine on SSLCertificateFile /secrets/pgadmin-cert.pem SSLCertificateKeyFile /secrets/pgadmin-key.pem
# enable HTTP/2, if available Protocols h2 http/1.1 </VirtualHost>
# modern configuration SSLProtocol -all +TLSv1.3 SSLOpenSSLConfCmd Curves X25519:prime256v1:secp384r1 SSLHonorCipherOrder off SSLSessionTickets off
