change http to https but cannot login
-
{ "url": "https://www.marketplace-ph.com", "secret": "***********", "database": "mongo", "port": "4567", "mongo": { "host": "mongodb.net", "port": "27017", "username": "*********", "password": "********", "database": "test", "uri": "mongodb+srv://*********:***********@mongodb.net/test?retryWrites=true&w=majority" } }
i have a problem at aws ec2 service i tried to change http to https but cannot log in already,because i want to use facebook sso but my plug in only support https not http so i change the config.json to https, but now cannot use the log in already, my webiste is https://www.marketplace-ph.com, if anyone can help me, thank you!
i try to log in but everytime i do something like user, but i will get a error 401 Unauthorized and let me log in again
-
Did you reconfigure your reverse proxy to accept https? Do you have an https certificate? NodeBB doesn't handle TLS on its own.
-
i used ec2 Load Balance, already have aws certificate, if https visit website nothing, but can not login, if i change config.json https to http will can login, but can not use facebook sso. so i need solve this problem, can u help me? thank you so much
-
@PitaJ said in change http to https but cannot login:
Did you reconfigure your reverse proxy to accept https? Do you have an https certificate? NodeBB doesn't handle TLS on its own.
thank you to help me, but i already use ec2 Load Balance, and AWS certificate, the problem still same, can u try to visit my website , if login after will let customer login again and again ....
-
if i change config.json inside that https to http, the login won’t have problem, but fb sso will have
error: Can't load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and sub-domains of your app to the App Domains field in your app settings. {"name":"FacebookTokenError","type":"OAuthException","code":191,"status":500,"stack":"FacebookTokenError: Can't load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and sub-domains of your app to the App Domains field in your app settings.\n at Strategy.parseErrorResponse (/home/ubuntu/nodebb/node_modules/passport-facebook/lib/strategy.js:198:12)\n at Strategy.OAuth2Strategy._createOAuthError (/home/ubuntu/nodebb/node_modules/passport-oauth2/lib/strategy.js:405:16)\n at /home/ubuntu/nodebb/node_modules/passport-oauth2/lib/strategy.js:175:45\n at /home/ubuntu/nodebb/node_modules/oauth/lib/oauth2.js:191:18\n at passBackControl (/home/ubuntu/nodebb/node_modules/oauth/lib/oauth2.js:132:9)\n at IncomingMessage.<anonymous> (/home/ubuntu/nodebb/node_modules/oauth/lib/oauth2.js:157:7)\n at IncomingMessage.emit (events.js:194:15)\n at IncomingMessage.EventEmitter.emit (domain.js:441:20)\n at endReadableNT (_stream_readable.js:1125:12)\n at process._tickCallback (internal/process/next_tick.js:63:19)"}
-
How did you configure the load balancer? I know nothing about AWS but maybe I can still help.
When I visit your site through https I get a "this connection is untrusted" error meaning your TLS stuff is not set up correctly.
The reason for that Facebook error when accessing though http is that Facebook expects your site to be working from https only.
-
@PitaJ said in change http to https but cannot login:
When I visit your site through https I get a "this connection is untrusted" error meaning your TLS stuff is not set up correctly.
To be more specific - the website is using a self-signed certificate, so it's not signed by any trusted CA and browsers really don't like these certs (for good reasons, but still - it's annoying in some cases).
Other than that tls seems to be correctly configured and would get an "A" in Qualys SSL test.
I'm not sure if untrasted cert would cause any problem like that. Or at least - it shouldn't, because this kind of certificate is useful for testing, where you can can manually decide to trust your certificates, as you control the client machines
-
@PitaJ thank you help me, you can visit my website now. i set up the certificate and fix the untrusted issue .if i log in after i click anything like user doing will return to login userpage again and again, and the network have
401 Unauthorized
, i check the console its okay. but before i used config.json url is http, that time no more problem. can login any time, but can not use fb sso.
-
this what i get the error
-
The problem already solve thankyou for all the help. It works when u rewrite the the http rq to https.