Join the conversation

Wekan

General

Wekan is an open-source kanban board (Trello like) which allows a card-based task and to-do management.

More active conversations

Wekan / General

ssl

Wekan/General · January 21, 2020 at 8:30pm

ssl

Wekan / General · January 21, 2020 at 8:30pm (Edited 4 years ago)

When you put wekan behind an elb with an ssl certificate everything works fine (everything really) until you click on the info hambuger in the middle of any wekan card. In Firefox it says Secure Connection Failed

An error occurred during a connection to xx.xx.xx.xx. SSL received a record that exceeded the maximum permissible length.

Error code: SSL_ERROR_RX_RECORD_TOO_LONG

and on chrome it says This site can’t provide a secure connection xx.xx.xx.xxsent an invalid response.

ERR_SSL_PROTOCOL_ERROR. Any idea how to remedy this? its something about date or something like this when you try and view the comments and labels or something (hard to know at this point. THanks

Just for grins I set a send path through the elb without the ssl and the info window pops up fine with all the details (member, assigned, due..... its something about that window encoding. Thanks

Load previous messages

March 7, 2020 at 8:47pm

Paul Verdone@pvcon13

8:47pm

just not sure why t not parsing

8:48pm

than thanks for point out how to look

8:48pm

thanks

Lauri Ojansivu@xet7

Team

8:48pm

Maybe in Caddyfile it complains about http address, if it should have only https address

8:48pm

When using Let's encrypt it's only domain like example.com , without http and https

8:49pm

In cloudflare I have http https , to specify them separately

8:49pm

in cert file 1. private key 2. cert . There should be no space between them.

8:50pm

it seems to work for me at https://releases.wekan.team/

8:52pm

I use CloudFlare page rules to redirect to https. SSL/TLS Full (Strict)

8:52pm

DNS Proxied - orange cloud icon

8:54pm

Page Rules:

8:54pm

http://wekan.team/* Always Use HTTPS On

Off 2 http://.wekan.team/ Always Use HTTPS

8:55pm

I mean:

http://wekan.team/*
Always Use HTTPS
http://*.wekan.team/*
Always Use HTTPS

9:00pm

Validata Caddyfile:

sudo su
cd /var/snap/wekan/common
/snap/wekan/current/bin/caddy -validate

9:01pm

validate

9:01pm

then it shows are there errors

9:02pm

When Caddyfile is valid, do:

sudo snap stop wekan
sudo snap start wekan

March 7, 2020 at 11:24pm

Paul Verdone@pvcon13

11:24pm

Error during parsing: /var/snap/wekan/common/certs/cert.pem: no private key block found

11:24pm

tried two files and one file

11:25pm

with the load statement it never finds the private info

11:25pm

I will go back to naming the files in the Caddyfile config I guess

11:25pm

thanks for the validate line its at least making it clear what it does not like

11:25pm

Lauri Ojansivu@xet7

Team

12:03am

-----BEGIN PRIVATE KEY-----
something here
-----END PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
something here
-----END CERTIFICATE-----

12:03am

That works for me