Oauth2 redirect_uri uses HTTP when my forum is using HTTPS

Hi,

I just enabled HTTPS for my Discourse forum (Let’s Encrypt + nginx on host system). No redirection was added so visitors can use HTTP or HTTPS. Everything worked as expected.

Then I tried to enable Google Oauth2 authentication. However, I noticed that Discourse called Google Oauth2 with redirect_uri set to the HTTP forum URL while the forum was opened with HTTPS.

How can I fix this? My forum is https://discussion.listary.com/ . Thanks in advance for any help.

Do You have force https enabled?

1 Like

No. Is there a Discourse setting for that?

Indeed there is!

In admin > settings
Search for force https and enable it.

2 Likes

Just tried that setting. And unfortunately, it’s still the same.

I think Discourse should be able to detect the original protocol automatically. I don’t know why it doesn’t work in my case.

I got it working. I used Certbot to manage Let’s Encrypt on my host system. It turned out that some rules Certbot added to the nginx config file is not fully compaitible with Discourse docker. I fixed it according to Running other websites on the same machine as Discourse.

3 Likes