Solved Fresh install - ERR_CONNECTION_REFUSED on HTTPS

  • GNU/Linux Admin

    @RandomAnimeGamer It looks like you don't have an SSL certificate set up, nor is your config.json expecting the site to be reached by an https url.

    So that may explain why you're seeing issues connecting via HTTPS?


  • @julian said in Fresh install - ERR_CONNECTION_REFUSED on HTTPS:

    @RandomAnimeGamer It looks like you don't have an SSL certificate set up, nor is your config.json expecting the site to be reached by an https url.

    So that may explain why you're seeing issues connecting via HTTPS?

    No, my SSL is set up with my hosting provider, who is also the company I've bought my domain for.

    Should my config.json specify HTTPS? I thought it would allow both, and I would just redirect HTTP to HTTPS via htaccess or web.config. I was afraid to set up that redirection rule because it wasn't loading on HTTPS at all.


  • @RandomAnimeGamer if you intend to have the site hosted on https, then yes, this needs to be reflected in your config.json which is why I asked šŸ‘


  • @phenomlab said in Fresh install - ERR_CONNECTION_REFUSED on HTTPS:

    @RandomAnimeGamer if you intend to have the site hosted on https, then yes, this needs to be reflected in your config.json which is why I asked šŸ‘

    This is very strange. I updated my config.json to point to HTTPS, but it still only loads in HTTP. I even did a build and restart.

    NodeBB Log:

    [email protected]:/etc/nodebb# ./nodebb log
    
    Hit Ctrl-C to exit
    
    
      * nodebb-plugin-mentions
      * nodebb-rewards-essentials
      * nodebb-theme-oxide
    
    2022-06-01T21:57:16.362Z [4567/17567] - info: [api] Adding 0 route(s) to `api/v3/plugins`
    2022-06-01T21:57:16.383Z [4567/17567] - info: [router] Routes added
    2022-06-01T21:57:16.387Z [4567/17567] - info: NodeBB Ready
    2022-06-01T21:57:16.388Z [4567/17567] - info: Enabling 'trust proxy'
    2022-06-01T21:57:16.390Z [4567/17567] - info: NodeBB is now listening on: 0.0.0.0:4567
    2022-06-01T21:57:16.391Z [4567/17567] - info: Canonical URL: https://zbgamewiki.com:4567
    

    Image showing SSL installed
    Image showing HTTP Successful
    Image showing HTTPS Unsuccessful


  • @RandomAnimeGamer do you get the same issue if you try with an incognito session ?


  • @phenomlab said in Fresh install - ERR_CONNECTION_REFUSED on HTTPS:

    @RandomAnimeGamer do you get the same issue if you try with an incognito session ?

    Yep, same behavior on Incognito


  • In case anyone was wondering if this was a temporary "wait a bit of time for it to propogate/update" issue, I'm still seeing the issue today on Incognito. HTTPS gives ERR_CONNECTION_REFUSED, HTTP connects.

    Update: I tried getting nginx to listen for 443 instead of 80, rebuilt nodeBB and restarted, I still see the same issue after closing / re-opening incognito.

    Update 2: Looked at the source of a resulting page and found:
    <link rel="up" href="https://zbgamewiki.com:4567" />

    Any requests that go to HTTPS internally result in a timeout on the network tab, and a console error is generated as a result.

  • GNU/Linux Admin

    @RandomAnimeGamer If your domain registrar handles SSL for you, that's fine. You can leave your nginx config as-is (listening on port 80).

    Change your config.url to https://zbgamewiki.com

    What does nginx -t say?


  • @julian said in Fresh install - ERR_CONNECTION_REFUSED on HTTPS:

    @RandomAnimeGamer If your domain registrar handles SSL for you, that's fine. You can leave your nginx config as-is (listening on port 80).

    Change your config.url to https://zbgamewiki.com

    What does nginx -t say?

    I did change my config url to https://zbgamewiki.com to no avail. I am trying one thing real quick (building and restarting nodebb) but after that I'll edit this post and show what nginx -t says.

    Edit: After changing nginx back to listening on port 80, then running nginx -t, I get this:

    nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
    nginx: configuration file /etc/nginx/nginx.conf test is successful
    

    Edit 2: nginx config for zbgamewiki.com:

      1 server {
      2     listen 80;
      3
      4     server_name zbgamewiki.com;
      5
      6     location / {
      7         proxy_set_header X-Real-IP $remote_addr;
      8         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      9         proxy_set_header X-Forwarded-Proto $scheme;
     10         proxy_set_header Host $http_host;
     11         proxy_set_header X-NginX-Proxy true;
     12
     13         proxy_pass http://127.0.0.1:4567;
     14         proxy_redirect off;
     15
     16         # Socket.IO Support
     17         proxy_http_version 1.1;
     18         proxy_set_header Upgrade $http_upgrade;
     19         proxy_set_header Connection "upgrade";
     20     }
     21 }
     22
    

  • So after doing a lot of digging, I found out that the error was that NGINX needs to be configured for the SSL. This isn't really mentioned in the Ubuntu nodeBB guide, and the NGINX configuration guide linked on it is a dead link.

    First, I needed to combine my certificate and intermediate certificate (If you have a root certificate, you combine it as well) into one .cert file. This amounted to just copying the intermediate certificate and pasting it after the regular certificate (keeping the "BEGIN" and "END" lines).

    Then, I inserted the combined key into /etc/ssl/ directly. After doing this, I added my private key to a new folder I created in etc named "keys" (/etc/keys/).

    Lastly, I referenced my SSL in the "default" file in /etc/nginx/sites-available/default

    listen 443 ssl default_server;
    ssl on;
    ssl_certificate /etc/ssl/zbgamewiki.com_ssl_bundle.cer;
    ssl_certificate_key /etc/keys/_.zbgamewiki.com_private_key.key;
    

    And restarted nginx via sudo systemctl reload nginx

  • Topic has been marked as solved  RandomAnimeGamer RandomAnimeGamer 
  • Referenced by  RandomAnimeGamer RandomAnimeGamer 

Suggested Topics

| | |

Ā© 2014 ā€“ 2022 NodeBB, Inc. ā€” Made in Canada.