Advanced Setup Only: Allowing SSL / HTTPS for your Discourse Docker setup

#219

You are right. I waste $100

2 Likes
Static Pages plugin causing login problem
(Jay Pfaffman) #220

It would appear that you’ve wasted the $100 if you can’t get a refund (I doubt that you can), but in spite of that, it’ll be easier to use the free cert than using the one you paid for.

1 Like
(D.J. Moore) #221

I am seeing mix content now that I enabled Let’s Encrypt. Where do I find what to change to make everything https://?

(Stephen) #222

Visit Admin -> Settings and search for ‘https’ - make sure ‘Force HTTPS’ is turned on so that all local URLs are rewritten to reference the secure path.

If you have any customisations which explicitly reference off-server HTTP resources they may need to be manually corrected.

4 Likes
(Casey) #223

I am having trouble with my SSL.

My main site (no-www) has a working SSL: https://cmox.co

My subdomain, which is a different host (DO, droplet), should be covered by the main SSL.
Subdomain: lab.cmox.co

The subdomain is throwing a 521 Error.

Upon looking into Digital Ocean, I ran the following command:


Port 443 appears to be open.

Cloudflare support shared this with me: Community Tip - Fixing Error 521: Web server is down - DNS & Network - Cloudflare Community
1.) My website is working.
2.) Per the above, I believe my host is listening to port 443
3.) I can’t find an .htacces file in /var/discourse. I don’t know how to check IP tables, or my firewall but can troubleshoot with Digital Ocean
4-8.) Not sure this is my problem. Can someone point me in the direction if they think it is? I can troubleshoot those particular issues if I know they could be culprits.

Can you help me identify if the problem is a Discourse, Cloudflare, LetsEncrypt or host (Digital Ocean) problem?

(Jeff Atwood) #224

The first think you want to do is disable CloudFlare completely as it causes many problems here.

3 Likes
(Jay Pfaffman) #225

No. It should not. It is a different server with different everything.

You should make cloudflare dns only and run discourse-setup again to enable let’s encrypt.

2 Likes
(Casey) #226

OK, I just Destroyed my entire Droplet and started again. I did the 1-click install of Discourse and setup the SMTP. Everything was fine, the site resolved at http://159.89.186.61/

Then I ran ./discourse-setup and filled out my email address for Lets Encrypt. Then I got the following error:

When I accessed http://159.89.186.61/ again, I receive this error: This site can’t be reached

For good measure, I updated my A Record with the following:


Note that I am bypassing Cloudflare CDN and only using it for DNS.

I checked app.yml and see this:

Can y’all help me resolve this error? Thank you for your help so far! I feel like I’m nearly there!

(Stephen) #227

We don’t support the 1 click install here. Only installs which follow the standard install guide. If you’re going to continue using it then you need to contact DigitalOcean for assistance.

Access by IP is also completely unsupported. Make sure DNS is pointed at the new droplet.

4 Likes
(Casey) #228

I got it all set. Thanks for your patience and support.

1 Like
#230

What does it mean?

I have intermediate.crt how can i concatenate the cert files?

(Sam Saffron) #231

From all I remember doing this years ago, it simply copying and pasting a bunch of chunks into a single file.

I do however recommend just forgetting about this mess and going with lets encrypt.

6 Likes