nginx and mixed content ssl problems in 4.9.0 (Ubuntu 20.04)

Wednesday, July 28, 2021 11:54:59 AM
  • Posted: Tuesday, July 6, 2021 7:01 PM
  • 32
My production site is running 4.5 and I'm struggling to get it to work when upgrading to 4.9. In an effort to be methodical and eliminate variables I've done a fresh install of 4.9.0 with an alternate domain, obtained a cert for the alternate domain and am still seeing the same problem.

favicon.ico always attempts to load via http (not https) resulting in a mixed content error. In the cart, OpcSaveBilling/ is also attempted via http.

Store details:
"store url" is https://mydomain.mysite.com/
"secure url" is https://mydomain.mysite.com/
"host values" is mydomain.mysite.com

appsettings.json:
"UseHttpXForwardedProto": true,

/Admin/Common/SystemInfo
Http request scheme https
Http scheme is https True

However, in server variables:
X-Original-For:127.0.0.1:36178
X-Original-Proto:http

default site:
server {
  listen 80;
  server_name mysite.mydomain.com;
  location / {
    proxy_pass http://localhost:5000;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection keep-alive;
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
    proxy_set_header X-Forwarded-Proto $scheme;
  }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/mysite.mydomain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/mysite.mydomain.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server {
  listen 80 default_server;
  return 444;
}

in nginx.conf, I added to the http { } section:
  include /etc/nginx/proxy.conf;

proxy.conf contains:
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffers 32 4k;

I have tried everything I can think to get this working properly and I am at my wit's end. I have meticulously followed the instructions at https://grandnode.com/how-to-install-grandnode-on-linux-ubuntu-1604 for installation and https://grandnode.com/how-to-configure-ssl-in-grandnode-on-linux-continuation for SSL. I have also tried a zillion other options using https://docs.microsoft.com/en-us/aspnet/core/host-and-deploy/linux-nginx?view=aspnetcore-5.0 for some ideas. Nothing works! Does anything look suspicious in my configuration? What else can I check? I need help. I thought I knew what I was doing but I am hard stuck and very discouraged.

0
  • Posted: Wednesday, July 7, 2021 5:39 AM
  • Team
  • 891
Hello Jon,

Please try with this setting - https://github.com/grandnode/grandnode/blob/develop/Grand.Web/App_Data/appsettings.json#L12 on True, and UseXForwardedProto on False. In our case on nginx and ubuntu it always work.
Best regards,
Patryk

GrandNode Team
0
  • Posted: Wednesday, July 7, 2021 2:13 PM
  • 32
It works! Thanks! This information might be a valuable addition to the guide. https://grandnode.com/how-to-configure-ssl-in-grandnode-on-linux-continuation
0
back to top
Filters