change http to https but cannot login

  • Global Moderator Plugin & Theme Dev

    Did you reconfigure your reverse proxy to accept https? Do you have an https certificate? NodeBB doesn't handle TLS on its own.


  • 屏幕快照 2019-11-10 下午4.09.02.png

    i used ec2 Load Balance, already have aws certificate, if https visit website nothing, but can not login, if i change config.json https to http will can login, but can not use facebook sso. so i need solve this problem, can u help me? thank you so much


  • @PitaJ said in change http to https but cannot login:

    Did you reconfigure your reverse proxy to accept https? Do you have an https certificate? NodeBB doesn't handle TLS on its own.

    thank you to help me, but i already use ec2 Load Balance, and AWS certificate, the problem still same, can u try to visit my website , if login after will let customer login again and again ....


  • if i change config.json inside that https to http, the login won’t have problem, but fb sso will have

    error: Can't load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and sub-domains of your app to the App Domains field in your app settings. {"name":"FacebookTokenError","type":"OAuthException","code":191,"status":500,"stack":"FacebookTokenError: Can't load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and sub-domains of your app to the App Domains field in your app settings.\n at Strategy.parseErrorResponse (/home/ubuntu/nodebb/node_modules/passport-facebook/lib/strategy.js:198:12)\n at Strategy.OAuth2Strategy._createOAuthError (/home/ubuntu/nodebb/node_modules/passport-oauth2/lib/strategy.js:405:16)\n at /home/ubuntu/nodebb/node_modules/passport-oauth2/lib/strategy.js:175:45\n at /home/ubuntu/nodebb/node_modules/oauth/lib/oauth2.js:191:18\n at passBackControl (/home/ubuntu/nodebb/node_modules/oauth/lib/oauth2.js:132:9)\n at IncomingMessage.<anonymous> (/home/ubuntu/nodebb/node_modules/oauth/lib/oauth2.js:157:7)\n at IncomingMessage.emit (events.js:194:15)\n at IncomingMessage.EventEmitter.emit (domain.js:441:20)\n at endReadableNT (_stream_readable.js:1125:12)\n at process._tickCallback (internal/process/next_tick.js:63:19)"}

  • Global Moderator Plugin & Theme Dev

    How did you configure the load balancer? I know nothing about AWS but maybe I can still help.

    When I visit your site through https I get a "this connection is untrusted" error meaning your TLS stuff is not set up correctly.

    The reason for that Facebook error when accessing though http is that Facebook expects your site to be working from https only.

  • Plugin & Theme Dev Community Rep

    @PitaJ said in change http to https but cannot login:

    When I visit your site through https I get a "this connection is untrusted" error meaning your TLS stuff is not set up correctly.

    To be more specific - the website is using a self-signed certificate, so it's not signed by any trusted CA and browsers really don't like these certs (for good reasons, but still - it's annoying in some cases).

    Other than that tls seems to be correctly configured and would get an "A" in Qualys SSL test.

    I'm not sure if untrasted cert would cause any problem like that. Or at least - it shouldn't, because this kind of certificate is useful for testing, where you can can manually decide to trust your certificates, as you control the client machines 🙂


  • @PitaJ thank you help me, you can visit my website now. i set up the certificate and fix the untrusted issue .if i log in after i click anything like user doing will return to login userpage again and again, and the network have

    401 Unauthorized
    

    , i check the console its okay. but before i used config.json url is http, that time no more problem. can login any time, but can not use fb sso.


  • @oplik0 Yes until now can not login......


  • 屏幕快照 2019-11-12 上午12.40.22.png

    this what i get the error


  • The problem already solve thankyou for all the help. It works when u rewrite the the http rq to https.

Suggested Topics

| |