Fresh install - ERR_CONNECTION_REFUSED on HTTPS
-
@RandomAnimeGamer What's the URL in
config.json
set to ? -
@phenomlab said in Fresh install - ERR_CONNECTION_REFUSED on HTTPS:
@RandomAnimeGamer What's the URL in
config.json
set to ? -
@RandomAnimeGamer It looks like you don't have an SSL certificate set up, nor is your
config.json
expecting the site to be reached by an https url.So that may explain why you're seeing issues connecting via HTTPS?
-
@julian said in Fresh install - ERR_CONNECTION_REFUSED on HTTPS:
@RandomAnimeGamer It looks like you don't have an SSL certificate set up, nor is your
config.json
expecting the site to be reached by an https url.So that may explain why you're seeing issues connecting via HTTPS?
No, my SSL is set up with my hosting provider, who is also the company I've bought my domain for.
Should my config.json specify HTTPS? I thought it would allow both, and I would just redirect HTTP to HTTPS via htaccess or web.config. I was afraid to set up that redirection rule because it wasn't loading on HTTPS at all.
-
@RandomAnimeGamer if you intend to have the site hosted on https, then yes, this needs to be reflected in your
config.json
which is why I asked -
@phenomlab said in Fresh install - ERR_CONNECTION_REFUSED on HTTPS:
@RandomAnimeGamer if you intend to have the site hosted on https, then yes, this needs to be reflected in your
config.json
which is why I askedThis is very strange. I updated my config.json to point to HTTPS, but it still only loads in HTTP. I even did a build and restart.
NodeBB Log:
root@localhost:/etc/nodebb# ./nodebb log Hit Ctrl-C to exit * nodebb-plugin-mentions * nodebb-rewards-essentials * nodebb-theme-oxide 2022-06-01T21:57:16.362Z [4567/17567] - info: [api] Adding 0 route(s) to `api/v3/plugins` 2022-06-01T21:57:16.383Z [4567/17567] - info: [router] Routes added 2022-06-01T21:57:16.387Z [4567/17567] - info: NodeBB Ready 2022-06-01T21:57:16.388Z [4567/17567] - info: Enabling 'trust proxy' 2022-06-01T21:57:16.390Z [4567/17567] - info: NodeBB is now listening on: 0.0.0.0:4567 2022-06-01T21:57:16.391Z [4567/17567] - info: Canonical URL: https://zbgamewiki.com:4567
-
@RandomAnimeGamer do you get the same issue if you try with an incognito session ?
-
@phenomlab said in Fresh install - ERR_CONNECTION_REFUSED on HTTPS:
@RandomAnimeGamer do you get the same issue if you try with an incognito session ?
Yep, same behavior on Incognito
-
In case anyone was wondering if this was a temporary "wait a bit of time for it to propogate/update" issue, I'm still seeing the issue today on Incognito. HTTPS gives ERR_CONNECTION_REFUSED, HTTP connects.
Update: I tried getting nginx to listen for 443 instead of 80, rebuilt nodeBB and restarted, I still see the same issue after closing / re-opening incognito.
Update 2: Looked at the source of a resulting page and found:
<link rel="up" href="https://zbgamewiki.com:4567" />Any requests that go to HTTPS internally result in a timeout on the network tab, and a console error is generated as a result.
-
@RandomAnimeGamer If your domain registrar handles SSL for you, that's fine. You can leave your nginx config as-is (listening on port 80).
Change your config.url to
https://zbgamewiki.com
What does
nginx -t
say? -
@julian said in Fresh install - ERR_CONNECTION_REFUSED on HTTPS:
@RandomAnimeGamer If your domain registrar handles SSL for you, that's fine. You can leave your nginx config as-is (listening on port 80).
Change your config.url to
https://zbgamewiki.com
What does
nginx -t
say?I did change my config url to
https://zbgamewiki.com
to no avail. I am trying one thing real quick (building and restarting nodebb) but after that I'll edit this post and show whatnginx -t
says.Edit: After changing nginx back to listening on port 80, then running
nginx -t
, I get this:nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
Edit 2: nginx config for zbgamewiki.com:
1 server { 2 listen 80; 3 4 server_name zbgamewiki.com; 5 6 location / { 7 proxy_set_header X-Real-IP $remote_addr; 8 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 9 proxy_set_header X-Forwarded-Proto $scheme; 10 proxy_set_header Host $http_host; 11 proxy_set_header X-NginX-Proxy true; 12 13 proxy_pass http://127.0.0.1:4567; 14 proxy_redirect off; 15 16 # Socket.IO Support 17 proxy_http_version 1.1; 18 proxy_set_header Upgrade $http_upgrade; 19 proxy_set_header Connection "upgrade"; 20 } 21 } 22
-
So after doing a lot of digging, I found out that the error was that NGINX needs to be configured for the SSL. This isn't really mentioned in the Ubuntu nodeBB guide, and the NGINX configuration guide linked on it is a dead link.
First, I needed to combine my certificate and intermediate certificate (If you have a root certificate, you combine it as well) into one .cert file. This amounted to just copying the intermediate certificate and pasting it after the regular certificate (keeping the "BEGIN" and "END" lines).
Then, I inserted the combined key into /etc/ssl/ directly. After doing this, I added my private key to a new folder I created in etc named "keys" (/etc/keys/).
Lastly, I referenced my SSL in the "default" file in /etc/nginx/sites-available/default
listen 443 ssl default_server; ssl on; ssl_certificate /etc/ssl/zbgamewiki.com_ssl_bundle.cer; ssl_certificate_key /etc/keys/_.zbgamewiki.com_private_key.key;
And restarted nginx via
sudo systemctl reload nginx
-
-