nginx and mixed content ssl problems in 4.9.0 (Ubuntu 20.04)

Wednesday, July 28, 2021 11:54:59 AM
  • Posted: Tuesday, July 6, 2021 7:01 PM
  • 32
My production site is running 4.5 and I'm struggling to get it to work when upgrading to 4.9. In an effort to be methodical and eliminate variables I've done a fresh install of 4.9.0 with an alternate domain, obtained a cert for the alternate domain and am still seeing the same problem.

favicon.ico always attempts to load via http (not https) resulting in a mixed content error. In the cart, OpcSaveBilling/ is also attempted via http.

Store details:
"store url" is
"secure url" is
"host values" is

"UseHttpXForwardedProto": true,

Http request scheme https
Http scheme is https True

However, in server variables:

default site:
server {
  listen 80;
  location / {
    proxy_pass http://localhost:5000;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection keep-alive;
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
    proxy_set_header X-Forwarded-Proto $scheme;

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


server {
  listen 80 default_server;
  return 444;

in nginx.conf, I added to the http { } section:
  include /etc/nginx/proxy.conf;

proxy.conf contains:
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffers 32 4k;

I have tried everything I can think to get this working properly and I am at my wit's end. I have meticulously followed the instructions at for installation and for SSL. I have also tried a zillion other options using for some ideas. Nothing works! Does anything look suspicious in my configuration? What else can I check? I need help. I thought I knew what I was doing but I am hard stuck and very discouraged.

  • Posted: Wednesday, July 7, 2021 5:39 AM
  • Team
  • 891
Hello Jon,

Please try with this setting - on True, and UseXForwardedProto on False. In our case on nginx and ubuntu it always work.
Best regards,

GrandNode Team
  • Posted: Wednesday, July 7, 2021 2:13 PM
  • 32
It works! Thanks! This information might be a valuable addition to the guide.
back to top