change http to https but cannot login



  • {
        "url": "https://www.marketplace-ph.com",
        "secret": "***********",
        "database": "mongo",
        "port": "4567",
        "mongo": {
            "host": "mongodb.net",
            "port": "27017",
            "username": "*********",
            "password": "********",
            "database": "test",
            "uri": "mongodb+srv://*********:***********@mongodb.net/test?retryWrites=true&w=majority"
        }
    }
    

    屏幕快照 2019-11-09 下午8.50.04.png

    i have a problem at aws ec2 service i tried to change http to https but cannot log in already,because i want to use facebook sso but my plug in only support https not http so i change the config.json to https, but now cannot use the log in already, my webiste is https://www.marketplace-ph.com, if anyone can help me, thank you!

    i try to log in but everytime i do something like user, but i will get a error 401 Unauthorized and let me log in again


  • Global Moderator

    Did you reconfigure your reverse proxy to accept https? Do you have an https certificate? NodeBB doesn't handle TLS on its own.



  • 屏幕快照 2019-11-10 下午4.09.02.png

    i used ec2 Load Balance, already have aws certificate, if https visit website nothing, but can not login, if i change config.json https to http will can login, but can not use facebook sso. so i need solve this problem, can u help me? thank you so much



  • @PitaJ said in change http to https but cannot login:

    Did you reconfigure your reverse proxy to accept https? Do you have an https certificate? NodeBB doesn't handle TLS on its own.

    thank you to help me, but i already use ec2 Load Balance, and AWS certificate, the problem still same, can u try to visit my website , if login after will let customer login again and again ....



  • if i change config.json inside that https to http, the login won’t have problem, but fb sso will have

    error: Can't load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and sub-domains of your app to the App Domains field in your app settings. {"name":"FacebookTokenError","type":"OAuthException","code":191,"status":500,"stack":"FacebookTokenError: Can't load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and sub-domains of your app to the App Domains field in your app settings.\n at Strategy.parseErrorResponse (/home/ubuntu/nodebb/node_modules/passport-facebook/lib/strategy.js:198:12)\n at Strategy.OAuth2Strategy._createOAuthError (/home/ubuntu/nodebb/node_modules/passport-oauth2/lib/strategy.js:405:16)\n at /home/ubuntu/nodebb/node_modules/passport-oauth2/lib/strategy.js:175:45\n at /home/ubuntu/nodebb/node_modules/oauth/lib/oauth2.js:191:18\n at passBackControl (/home/ubuntu/nodebb/node_modules/oauth/lib/oauth2.js:132:9)\n at IncomingMessage.<anonymous> (/home/ubuntu/nodebb/node_modules/oauth/lib/oauth2.js:157:7)\n at IncomingMessage.emit (events.js:194:15)\n at IncomingMessage.EventEmitter.emit (domain.js:441:20)\n at endReadableNT (_stream_readable.js:1125:12)\n at process._tickCallback (internal/process/next_tick.js:63:19)"}


  • Global Moderator

    How did you configure the load balancer? I know nothing about AWS but maybe I can still help.

    When I visit your site through https I get a "this connection is untrusted" error meaning your TLS stuff is not set up correctly.

    The reason for that Facebook error when accessing though http is that Facebook expects your site to be working from https only.


  • Gamers

    @PitaJ said in change http to https but cannot login:

    When I visit your site through https I get a "this connection is untrusted" error meaning your TLS stuff is not set up correctly.

    To be more specific - the website is using a self-signed certificate, so it's not signed by any trusted CA and browsers really don't like these certs (for good reasons, but still - it's annoying in some cases).

    Other than that tls seems to be correctly configured and would get an "A" in Qualys SSL test.

    I'm not sure if untrasted cert would cause any problem like that. Or at least - it shouldn't, because this kind of certificate is useful for testing, where you can can manually decide to trust your certificates, as you control the client machines 🙂



  • @PitaJ thank you help me, you can visit my website now. i set up the certificate and fix the untrusted issue .if i log in after i click anything like user doing will return to login userpage again and again, and the network have

    401 Unauthorized
    

    , i check the console its okay. but before i used config.json url is http, that time no more problem. can login any time, but can not use fb sso.



  • @oplik0 Yes until now can not login......



  • 屏幕快照 2019-11-12 上午12.40.22.png

    this what i get the error



  • The problem already solve thankyou for all the help. It works when u rewrite the the http rq to https.


Log in to reply
 

Suggested Topics

| |