Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Chatwoot - SSL Certificate Invalid and "Nothing here yet :/" Message for Password Reset Link #2099

Closed
hnmendes opened this issue Jul 19, 2024 · 2 comments
Closed

Chatwoot - SSL Certificate Invalid and "Nothing here yet :/" Message for Password Reset Link #2099

hnmendes opened this issue Jul 19, 2024 · 2 comments
Labels
deployment-issue

Comments

@hnmendes
Copy link

Description

I've deployed the Chatwoot application using CapRover. The setup seems correct, and HTTPS is functioning. However, when a new agent receives an email to set up their account and clicks on the link, they are redirected to a page showing "Nothing here yet :/" with an invalid SSL certificate warning.

Steps to Reproduce

  1. Deploy Chatwoot on CapRover.
  2. Ensure that HTTPS is set up and functioning properly.
  3. Invite a new agent to create an account, which sends an email.
  4. Click on the password reset link in the email, e.g., https://mydomain.com/app/auth/password/edit?reset_password_token=userToken

Expected Behavior

The user should be redirected to a secure page where they can reset their password without any SSL certificate errors.

Actual Behavior

The user is redirected to a page displaying "Nothing here yet :/" and a browser warning about an invalid SSL certificate.

NGINX Configuration

Here is my current NGINX configuration for mydomain.com:

<%
if (s.forceSsl) {
%>
    server {

        listen       80;

        server_name  <%-s.publicDomain%>;

        # Used by Lets Encrypt
        location /.well-known/acme-challenge/ {
            root <%-s.staticWebRoot%>;
        }

        # Used by CapRover for health check
        location /.well-known/captain-identifier {
            root <%-s.staticWebRoot%>;
        }

        location / {
            return 302 https://$http_host$request_uri;
        }
    }
<%
}
%>


server {

    <%
    if (!s.forceSsl) {
    %>
        listen       80;
    <%
    }
    if (s.hasSsl) {
    %>
        listen              443 ssl http2;
        ssl_certificate     <%-s.crtPath%>;
        ssl_certificate_key <%-s.keyPath%>;
    <%
    }
    %>

        client_max_body_size 500m;
        underscores_in_headers on;
        server_name  <%-s.publicDomain%>;

        resolver 127.0.0.11 valid=10s;
        set $upstream http://<%-s.localDomain%>:<%-s.containerHttpPort%>;

        location / {

        <%
        if (s.redirectToPath) {
        %>
            return 302 <%-s.redirectToPath%>;
        <%
        } else {
        %>

            <%
            if (s.httpBasicAuthPath) {
            %>
                auth_basic           "Restricted Access";
                auth_basic_user_file <%-s.httpBasicAuthPath%>; 
            <%
            }
            %>

                proxy_pass $upstream;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;

            <%
            if (s.websocketSupport) {
            %>
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_http_version 1.1;
            <%
            }
            %>

        <%
        }
        %>

        }

        # Used by Lets Encrypt
        location /.well-known/acme-challenge/ {
            root <%-s.staticWebRoot%>;
        }
        
        # Used by CapRover for health check
        location /.well-known/captain-identifier {
            root <%-s.staticWebRoot%>;
        }

        error_page 502 /captain_502_custom_error_page.html;
        location = /captain_502_custom_error_page.html {
            root <%-s.customErrorPagesDirectory%>;
            internal;
        }
}

Environment Details

CapRover version: 1.11.1
Chatwoot version: 3.11.0
Server OS: Ubuntu 22.04

Additional Information

  • SSL certificate for mydomain.com was obtained through Let's Encrypt.
  • The certificate appears to be correctly configured but results in an invalid certificate error when accessing the reset password link.
  • No apparent errors in the NGINX logs or Chatwoot logs relevant to this issue.

Request for Help

Any guidance on resolving the SSL certificate issue and the "Nothing here yet :/" message when accessing the password reset link would be greatly appreciated.
@githubsaturn
Copy link
Collaborator

Hi @hnmendes - one click apps are maintained by the community and not part the core service.
See here: https://github.com/caprover/one-click-apps/blob/master/.github/ISSUE_TEMPLATE/app_issue.md

image

@githubsaturn
Copy link
Collaborator

In this case, you can comment here: caprover/one-click-apps#974

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
deployment-issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@githubsaturn @hnmendes