My production site is running 4.5 and I'm struggling to get it to work when upgrading to 4.9. In an effort to be methodical and eliminate variables I've done a fresh install of 4.9.0 with an alternate domain, obtained a cert for the alternate domain and am still seeing the same problem.

favicon.ico always attempts to load via http (not https) resulting in a mixed content error. In the cart, OpcSaveBilling/ is also attempted via http.

Store details:
"store url" is https://mydomain.mysite.com/
"secure url" is https://mydomain.mysite.com/
"host values" is mydomain.mysite.com

appsettings.json:
"UseHttpXForwardedProto": true,

/Admin/Common/SystemInfo
Http request scheme https
Http scheme is https True

However, in server variables:
X-Original-For:127.0.0.1:36178
X-Original-Proto:http

default site:
server {
  listen 80;
  server_name mysite.mydomain.com;
  location / {
    proxy_pass http://localhost:5000;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection keep-alive;
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
    proxy_set_header X-Forwarded-Proto $scheme;
  }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/mysite.mydomain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/mysite.mydomain.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server {
  listen 80 default_server;
  return 444;
}

in nginx.conf, I added to the http { } section:
  include /etc/nginx/proxy.conf;

proxy.conf contains:
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffers 32 4k;

I have tried everything I can think to get this working properly and I am at my wit's end. I have meticulously followed the instructions at https://grandnode.com/how-to-install-grandnode-on-linux-ubuntu-1604 for installation and https://grandnode.com/how-to-configure-ssl-in-grandnode-on-linux-continuation for SSL. I have also tried a zillion other options using https://docs.microsoft.com/en-us/aspnet/core/host-and-deploy/linux-nginx?view=aspnetcore-5.0 for some ideas. Nothing works! Does anything look suspicious in my configuration? What else can I check? I need help. I thought I knew what I was doing but I am hard stuck and very discouraged.

Hello Jon,

Please try with this setting - https://github.com/grandnode/grandnode/blob/develop/Grand.Web/App_Data/appsettings.json#L12 on True, and UseXForwardedProto on False. In our case on nginx and ubuntu it always work.

It works! Thanks! This information might be a valuable addition to the guide. https://grandnode.com/how-to-configure-ssl-in-grandnode-on-linux-continuation

I'm also getting mixed content SSL problems in grand node new version 1.0.1 (Ubuntu 20.04). I have used Lets encrypt for SSL in nginx


Please refer the above image..

System information:

Showing like below screenshot



I have used as it is, appsettings.json file.

Please help me resolve the issue.

Thanks in advance

Hi team,

Please refer the below content about the issues.


site.min.js:6 DOMException: Failed to execute 'replaceState' on 'History': A history state object with URL 'on://www.xyz.com/earphones?orderby=6' cannot be created in a document with origin 'https://www.xyx.com' and URL 'https://www.xyz.com/earphones'.
    at a.loadProducts (https://www.xyz.com/earphones:62:32)
    at change (eval at Ya (https://www.xyz.com/bundles/site.min.js:6:91725), <anonymous>:3:113340)
    at He (https://www.xyz.com/bundles/site.min.js:6:11384)
    at HTMLSelectElement.n (https://www.xyz.com/bundles/site.min.js:6:13168)
    at HTMLSelectElement.Yr.o._wrapper (https://www.xyz.com/bundles/site.min.js:6:48505)
Ue @ site.min.js:6
earphones:1 Access to XMLHttpRequest at 'on://www.xyz.com/earphones?orderby=6&timestamp=1634993023780' from origin 'https://www.xyz.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-extension, chrome-untrusted, https.
earphones:79 Error: Network Error whilst contacting the catalog page.
on://www.xyz.com/earphones?orderby=6&timestamp=1634993023780:1 Failed to load resource: net::ERR_FAILED
DevTools failed to load source map: Could not load content for https://www.xyz.com/bundles/bootstrap-vue.min.js.map: HTTP error: status code 404, net::ERR_HTTP_RESPONSE_CODE_FAILURE
earphones:1 Unchecked runtime.lastError: The message port closed before a response was received.




Note:

i have tried about changing UseForwardedHeaders = true in application.json file. nothing will be work.

Thanks

In the case of the SSL, if you set UseForwardedHeaders to True, then in the Configuration -> Stores -> Store details page, set the SSL Enabled and provided Secure HOST with https:// and you still have problems with Mixed Content error, it means that you don't have a valid configuration on your server. In that case is nothing to do in the app itself.

By the way, screenshot is not available.

Hi Patryk,

Thanks for your reply,

I have the same workflow again. also I have set UseForwardedHeaders = true   in appsettings.json file.
along with under the Settings -> General

I have enable the option Allow to read Let's Encrypt file - true. after that i have cleared the memory cache and restarted the application.

Now issue was resolved. Everything works fine.  System information also shows like - Http scheme is https - True

but I'm not sure Allow to read Let's Encrypt file option helps.


Thanks

This helped me also.
I strongly recommend to add this setting to the manual