Ghost serves images over HTTP randomly causing chrome warnings

Hello all,

After setting up my SSL cert on www.fastcomet.org I am getting warnings on some pages due to mixed content being served. The error makes sense:

  • The page is served over https, however it requests images over http.
  • Also, "A cookie associated with a resource at http://ethical-business-principles.com/ was set with SameSite=None but without Secure"

It seems to me that Ghost should have some configuration set so that all is run/served in HTTPS mode. The weird thing is this:

More info/context

  • Version: Ghost 3.2.0
  • Config (site is running in development mode so this is config.development.json:
  GNU nano 2.0.9                                File: config.development.json

{
  "url": "https://ethical-business-principles.com/",
  "server": {
    "port": 2368,
    "host": "127.0.0.1"
  },
  "database": {
    "client": "sqlite3",
    "connection": {
      "filename": "/home/erikstes/public_html/content/data/ghost-local.db"
    }
  },
  "mail": {
    "transport": "Direct"
  },
  "logging": {
    "transports": [
      "file",
      "stdout"
    ]
  },
  "process": "local",
  "paths": {
    "contentPath": "/home/erikstes/public_html/content"
  }
}
  • Google Chrome browser
  • When I try to run ghost setup ssl in the server terminal I get the following error:
Found a development config but not a production config, running in development mode instead
Nginx config file does not exist, skipping SSL setup

However, my setup includes Apache, not Nginx. Is there any docs on how to set Apache up correctly?

Meanwhile this problem has been solved. I needed to restart Ghost which I did not do after changing my json config file. After that I needed to remove and re-add some posts and pictures in order for https to fully work

1 Like