Hello,
I recently installed ininja on my server.
Here is my problem. I cant get Ininja use a SSL encrypted connection, certificates are ok. If I enable force https I get an too many redirects error. If I leave it of. My Browser is blocking unsecure load connections even if is set App-URL to https://(mydomain)
My Configuration
PHP 7.0
Nginx 1.34.3. self-compiled
Logfiles and so on are empty.
Regards
hillel
September 12, 2017, 9:09am
2
I’m not sure, are you using a proxy?
hillel
September 23, 2017, 10:52am
4
Are there any differences with the use of ‘www’ in the links.
It could be related to the webserver configuration, maybe try using Apache?
Actually it is an subdomain like ininja.***.com atm https is disabled, but If i redirect all traffic (via NGINX) I get this error - if I switch https on (config in nginx) all css und js files are unloadable.
hillel
September 23, 2017, 11:28pm
6
Are you using a wildcard certificate? You may want to try running it in a sub-folder.
I am using a certificate from letsencrypt. Thats the Domain ininja.codingsoul.info.
Thx for the help
hillel
September 24, 2017, 12:16am
8
Is the subdomain specified in the certificate?
Not sure what else to suggest other than to try Apache.
Actually thats odd…
It worked on Debian with Nginx and now wont work - any other suggestions? The certificate is specially issued on ininja.codingsoul.info
Thx
So maybe this can give you a hint - I made new certificates set my Domain to https in the .env File. I get the following error (no js and css is loading)
https://billing.codingsoul.info/
hillel
September 24, 2017, 3:30am
12
I’m seeing a 500 error, you’d want to check the logs for details.
Again after a fresh install I get the following error:
[Warning] [blocked] The page at https://billing.codingsoul.info/setup was not allowed to run insecure content from http://billing.codingsoul.info/built.js?no_cache=3.7.2 .
-> even before I did anything
hillel
September 24, 2017, 4:47am
14
What is APP_URL set to in the .env file?
hillel
September 24, 2017, 4:56am
16
For everyone having the Same problems as me -
under location .php you need to add
fastcgi_param HTTPS on;
Regards.
1 Like
hillel
September 24, 2017, 10:36pm
18
Thanks for sharing your solution!
samual
September 25, 2017, 12:35am
19
Not having the same issue but for future reference where is location.php? Thanks.
P.S. you might want to add to your .htaccess
#BEGIN HSTS
Header set Strict-Transport-Security: “max-age=31536000 ; includeSubDomains ;” env=HTTPS
#END HSTS
That’ll redirect all traffic to https and also tell browsers to remember to only visit https.
This did the trick for me running invoice ninja with nginx and behind a reverse proxy (also nginx).