Setting up HTTPS support with Let's Encrypt

#377

Just wanted to make sure, I’ve already spent more than 8 hours trying to fix my issue: Why is the Apple Touch Icon loaded via HTTP instead of HTTPS?

Thanks for replying!

(Adam) #379

That was it. Thanks!

(Camilo Berneri) #380

HI

I have done everything of this tutorial an it worked (i think)

but i have this lock in my https, what means? please help

1 Like
(Joshua Rosenfeld) #381

Hi Camilo,

I cannot load https://comunidad.wanderlancers.com/login to take a look as it appears you’re redirecting to a SSO provider. However, I can load https://comunidad.wanderlancers.com/u/admin-login and am seeing the secure padlock.

If you click on the padlock with the warning icon, Firefox should give you more details.

1 Like
(Shannii) #382

I’m really new to this, but I’m stuck at this stage and I cannot, for the life of me, rebuild!

(Keith John Hutchison) #383

What have you tried?
Do you have shell access to the server?

(Shannii) #384

I’m using DigitalOcean and I do have access to the console. I got to this point and I just couldn’t do anything else!

Forgive me: I don’t have any experience. I’m trying to start a discourse for my writing blog, haha!

(Keith John Hutchison) #385

We used one of our email addresses for our domain. You could put your own email address in to start with then continue on with the build.

#386

I’m using Discourse on a one-click droplet by DigitalOcean. Is there any way to have certificates automatically renewed instead of having to do it manually every three months?

I’m not very savvy. Thanks!

(Shannii) #387

Yeah haha I put my email address in, but I can’t seem to go on any further

(Jay Pfaffman) #388

They renew automatically.

What happens after discourse-setup takes your information and starts the rebuild? Does your domain name point to your server? Do you have something else in the way (e.g., cloudflare)?

2 Likes
(Shannii) #389

It was actually just a glitch with DigitalOcean! All sorted now! I contacted support and they walked me through how to fix it. There was actually no way to move on!

2 Likes
#391

I have a vanilla discourse that I just setup using the digital ocean droplet running but my browsers indicate that parts of the page are insecure due to images:

These are literally you’re images that are causing the insecurity? I had uploaded logos prior and deleted all of them thinking that was somehow the problem but… nope… the discourse logos are now the problem… what’s going on?

(Stephen) #392

No, it’s because you haven’t enabled force_https. Once you do Discourse will refer to those assets using https.

You need to enable that setting once you have configured https and tested it. It’s not automatic.

4 Likes
(Camilo Berneri) #393

where do you enabled that?¿

1 Like
(Keith John Hutchison) #394

Assuming you have admin rights.

https://{your-host}/admin/site_settings/category/all_results?filter=force_https

4 Likes
#395

Okay, thank you Stephen! Gosh, I was really scratching my head because of this part of @tgxworld original post:

5. Adjust your dependencies for HTTPS

  • Check that all shared resources such as images, logos, third party JavaScript dependencies, etc, are all linked via https:// and not http://
  • Check all your social logins and make sure they are pointing to the https:// and not http:// versions of your site’s authentication URLs.
  • If you are using a CDN, you will need to switch your CDN to use https:// and not http:// to pull resources.
  • If your browser does not show any warnings in its f12 console in the security about insecure assets:… you are now ready to force HTTPS by going toAdmin :arrow_right: site settings :arrow_right: force https

You really might want to update that section to reflect the instructions for setting up HTTPS because apparently I did everything right but the current instructions make it seem like I did something wrong because the default images were causing an insecurity error. I just toggled Force HTTPS and everything works (the instructions had me thinking I was going to wreck my install because of “insecure” images).

Anyhow, thanks again! I’m the new happy owner of a HTTPS Discourse!

2 Likes
(Camilo Berneri) #397

thanks @csmu

=D
20 characters to send message