SSL configured Ghost generates a few non-HTTPS links in the body

unit871 · February 25, 2019, 11:14pm

Hey.
Im using version 2.10.1. with NGINX as reverse proxy. When opening a page in browser get notification about mixed content on the page. While looking at the source of the page I saw that some links werent generated with https. Namely:

<link rel="canonical" href="http://example.com/blog/" />

    "publisher": {
        "@type": "Organization",
        "name": "Example",
        "logo": "http://example.com/blog/content/images/2019/02/logo-green-1.png"
    },

My nginx config is as follows:

       location /blog/ {
           proxy_pass http://172.31.39.114:4000/blog/;
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_set_header X-Forwarded-Host $host;
           proxy_set_header X-Forwarded-Proto $scheme;
           proxy_set_header Host $http_host;
        }

My ghost config is:

  "url": "http://example.com/blog",
  "urlSSL": "https://example.com/blog",
  "server": {
    "port": 2368,
    "host": "0.0.0.0"
  }

Weirdly, if i just use https link in “url” parameter, it breaks proxy pass, because after that i can’t even curl to ghost install on http, as it tries to redirect to https, which of course wouldn’t work.

Is there something Im missing? Thanks !

vikaspotluri123 · February 26, 2019, 12:48am

You need to have Ghost configure nginx as it was previously done -

ghost config set url https://example.com/blog
ghost setup nginx
ghost restart

The urlSSL configuration option does not exist:

unit871 · February 26, 2019, 1:29pm

This isn’t an option for me, unfortunately. Ghost is installed on it’s own, separate instance and has no (and shouldn’t have, really) knowledge about our main reverse-proxy.

Can you, or anyone just point to me to an issue with my NGINX config ? As in, what exactly ghost-cli would do differently that would make it work right.

vikaspotluri123 · February 26, 2019, 1:55pm

Make sure check that your http config is redirecting to SSL, and check out the nginx tepate that the cli uses:

unit871 · February 26, 2019, 4:00pm

Im not sure to which “http config” you’re referring to.

NGINX section for ghost is written in my first post and it’s exactly the same one as in the template, minus X-Real-IP header, which shouldn’t make a difference.
My ghost does work on https, the only issue is those few HTTP links in the header\body of the rendered page.
And I assume it’s because in my ghost config, i have URL written with http:

"url": "http://example.com/blog",

But if i switch it to https, it stops working at all even on it’s own, because now node server wants to serve content over https.

curl http://127.0.0.1:2368/blog
Moved Permanently. Redirecting to https://127.0.0.1:2368/blog/

vikaspotluri123 · February 26, 2019, 9:57pm

I think there were a couple of misunderstandings Here’s a couple of things that should hopefully help:

Your ghost url must be configured to https.
If you don’t set the x-forwarded-proto header, the ghost instance will redirect you. That’s why you got a redirect with curl. If you access the site through nginx, you shouldn’t run into a redirect issue

unit871 · February 26, 2019, 11:14pm

Oh… got it. x-forwarded-proto was what’s needed to make it work over HTTP internally.

Thanks, Vikas, that solved it.

system · March 12, 2019, 11:14pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
[resolved]Ghost Blog, can not have https links to my own website Developer help	2	743	June 2, 2020
HTTPS for Canonical URL Developer help	3	405	August 13, 2020
Ghost CLI optional force https Ideas	9	6640	April 16, 2018
Ghost Apache Mixed Content #site Installation	2	1494	April 9, 2019
Can't get full site ssl Installation	5	3085	March 6, 2020

SSL configured Ghost generates a few non-HTTPS links in the body

Related topics