Insecure connection on Chrome and Edge but secure on Firefox after upgrading to tutor 11.0.2

Hi everyone,
After upgrading to tutor 11.0.2 and launching the platform using tutor local quickstart I get MySql error and couldn’t get back the previous test courses, so I deleted the environment and started a fresh installation.
The installation went well but when trying to access the site trough Google Chrome, I got an insecure connection warning. The same thing happened with Microsoft Edge.
Firefox however, showed a secure connection.
I deleted all the cache, cookies, etc used the private browsing but still have the same behavior.
The Caddyfile shows:

afaq-online.com {
reverse_proxy nginx:80
}
preview.afaq-online.com {
reverse_proxy nginx:80
}
studio.afaq-online.com {
reverse_proxy nginx:80
}

Any help is appreciated.

@SayHi,
Thanks for testing Tutor v11. I do not manage to reproduce your issue. When I go to https://afaq-online.com/ in Chromium 87.0.4280.66 or Chrome 80.0.3987.87 the secure icon is clearly visible and I do not receive any security warning.

  1. Can you try to reproduce on a different network? I would like to verify that your firewall is not causing any issue – as it could in China, for instance.
  2. What is the output from the developer console? Hit F12 and go to the console tab. Are there any element in red there? If yes, please post another screenshot.

Hi @regis ,
This morning after reading your replay, I tried to execute the suggested troubleshooting. I first verified the version of Edge and Chrome which are respectively 87.0.664.60 and 87.0.4280.88 both up to date.
surprisingly, the warning has gone from the two browsers :thinking:
Plus, no red warnings in the developer console.


Noting that the issue mentioned above lasted for more that one hour which was more that sufficient for the certificate to be generated.
I wander now that Caddy replaced Nginx and this later is no more connected to port 443 and the Caddyfile didn’t show the secure port configuration, were can we find it to check for. I tried Certbot, tutor local certificates with no effect. This later is now deprecated.

Plus now that Caddy acts as reverse proxy, could we put a front site to our Openedx instance as Caddy allows virtual multi-ports connections ?

If this happen again, can you please check the logs from the caddy container?

SSL/TLS certificates are now handled transparently by Caddy, which means that you don’t have to run any command to generate the SSL/TLS certificates.

Yes – but this has always been the case: https://docs.tutor.overhang.io/local.html#running-open-edx-behind-a-web-proxy (note that I need to slightly update the wording of these docs now).
Just disable Caddy (RUN_CADDY=false), configure Nginx to expose a different port (NGINX_HTTP_PORT=81) and configure your web server to proxy all traffic from LMS_HOST and its subdomains to 127.0.0.1:81.

1 Like