SSL not working on front page

8 months ago
Iam using nopcommerce 4.20 build on linx ubuntu 18.04. But i don't know why admin page is secure with ssl, but front page is not secure.
This is image for admin
https://ibb.co/vz5JX47
This is image front
https://ibb.co/h7h91G8
This is my website https://onable.net/
What did I do wrong?
8 months ago
dinhvanvo wrote:
Iam using nopcommerce 4.20 build on linx ubuntu 18.04. But i don't know why admin page is secure with ssl, but front page is not secure.
This is image for admin
https://ibb.co/vz5JX47
This is image front
https://ibb.co/h7h91G8
This is my website https://onable.net/
What did I do wrong?


What do you use for SSL termination?
8 months ago
Hi nopAccelerate.com,
This is my nginx config(/etc/nginx/sites-available):
# Default server configuration
#
server {

    server_name   onable.net www.onable.net;

    location / {
    proxy_pass          http://localhost:5000;
    proxy_http_version 1.1;
    proxy_set_header   Upgrade $http_upgrade;
    proxy_set_header   Connection keep-alive;
    proxy_set_header   Host $host;
    proxy_cache_bypass $http_upgrade;
    proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header   X-Forwarded-Proto $scheme;
    }

    listen 443 ssl default_server;
    listen [::]:443 ssl default_server;
    ssl_certificate /etc/letsencrypt/live/onable.net/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/onable.net/privkey.pem; # managed by Certbot
}

server {
    if ($host = www.onable.net) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = onable.net) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80 default_server;
    listen [::]:80 default_server;

    server_name   onable.net www.onable.net;
    return 404; # managed by Certbot
}
8 months ago
Hi,

May be you need to listen to port 80 in server block, and do a redirect to https. The current redirection is inside if condition, which might not work.


server {
    listen 80;

    server_name foo.com;
    return 301 https://foo.com$request_uri;
}
8 months ago
I change it, but it not working.
https://onable.net/
server {

    server_name   onable.net www.onable.net;

    location / {
    proxy_pass          http://localhost:5000;
    proxy_http_version 1.1;
    proxy_set_header   Upgrade $http_upgrade;
    proxy_set_header   Connection keep-alive;
    proxy_set_header   Host $host;
    proxy_cache_bypass $http_upgrade;
    proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header   X-Forwarded-Proto $scheme;
    }

    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    ssl_certificate /etc/letsencrypt/live/onable.net/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/onable.net/privkey.pem; # managed by Certbot
  include /etc/letsencrypt/options-ssl-nginx.conf;
  ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}

server {

    listen 80;

    server_name   onable.net www.onable.net;
  return 301 https://$server_name$request_uri;
}
8 months ago
Try with this


server {
  listen [::]:80;
  listen 80;
  server_name domain.com www.domain.com;
  return 301 https://www.$host$request_uri;
}


This works for me correctly.
8 months ago
Thanks nopAccelerate.com. Now it working
https://onable.net/
8 months ago
dinhvanvo wrote:
Thanks nopAccelerate.com. Now it working
https://onable.net/


Glad to know that!

BTW my name is Krunal.

And you're welcome . :)
3 weeks ago
This didn't quite work for me but eventually found a solution if someone is facing the same issue

https://docs.nopcommerce.com/en/getting-started/advanced-configuration/how-to-install-and-configure-ssl-certification.html#mixed-content-http-and-https

and

https://www.tbs-certificates.co.uk/FAQ/en/upgrade-insecure-requests.html

lead me to adding the below line to my server block and now all images are referenced with https:

add_header Content-Security-Policy upgrade-insecure-requests;