Problem with URL before login. Adding 80 port

Hello, I’m just starting using Axelor and this is actually such a great software.

I have a question, right now, I have setup Axelor to be on the ROOT of the tomcat webapps, I have setup my Nginx Proxy Manager to point to my server using http port 8080.

The thing is, whenever I try to connect to http://erp.xxxx.com I get redirected to http://erp.xxxx.com:80/login.jsp and get ERR_SSL_PROTOCOL_ERROR.

Then I have to remove manually the « :80 » part of URL and type enter in order to get to http://erp.xxxx.com/login.jsp

Anyone knows how to fix this behaviour? Any help is really appreciatted

Hello
I do also use NGINX to manage HTTPS and Proxy to port 8080
I think you have a wrong nginx configuration

See below configuration

# Tomcat config
upstream tomcat {
    server 127.0.0.1:8080 fail_timeout=0;
}
server {
	listen 80 default_server;
	listen [::]:80 default_server;

	# SSL configuration
	#
	# listen 443 ssl default_server;
	# listen [::]:443 ssl default_server;
	#
	# Note: You should disable gzip for SSL traffic.
	# See: https://bugs.debian.org/773332
	#
	# Read up on ssl_ciphers to ensure a secure configuration.
	# See: https://bugs.debian.org/765782
	#
	# Self signed certs generated by the ssl-cert package
	# Don't use them in a production server!
	#
	# include snippets/snakeoil.conf;

	root /var/www/html;

	# Add index.php to the list if you are using PHP
	index index.html index.htm index.nginx-debian.html;

	server_name _;

	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
		#try_files $uri $uri/ =404;
        	include proxy_params;
        	proxy_pass http://tomcat/;
		proxy_connect_timeout       600;
		proxy_send_timeout          600;
		proxy_read_timeout          600;
		send_timeout                600;
	}


}


server {

	root /var/www/html;

	# Add index.php to the list if you are using PHP
	index index.html index.htm index.nginx-debian.html;
    server_name www.staging.example.com staging.example.com; # managed by Certbot


	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
		#try_files $uri $uri/ =404;
        	include proxy_params;
        	proxy_pass http://tomcat/;
		proxy_connect_timeout       600;
		proxy_send_timeout          600;
		proxy_read_timeout          600;	
		send_timeout                600;
	}



    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/staging.example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/staging.example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot



}

Dear,
Have you managed to fix your problem? I too have this behaviour with Tomcat behind HAProxy as reverse proxy with no luck. I noticed also that connecting to http://erp.xxxx.com redirects « correctly » to https://erp.xxxx.com/login.jsp (but https://erp.xxxx.com redirects to https://erp.xxxx.com:80/login.jsp as you state - I believe you forgot the s in your example URLs https://erp.xxxx.com).
There have been quite a few changes with respect to headers on the latest version (see https://github.com/axelor/axelor-open-platform/blob/v6.1.0/CHANGELOG.md#features). I plan to look further at my HAProxy configuration with respect to these changes.
Regards

I have the same problem, and is the same configuration of other axelor in older version.

seems a problem of the newer version

I happened to add the following line in the HAProxy backend section for the Axelor instance:

  http-request add-header X-Forwarded-Port %[dst_port]

and the undesired redirection to explicit :80 port is no more.

with nginx proxy manager this solutions seems not working, I tried

add_header X-Forwarded-Port 443;

and

proxy_set_header X-Forwarded-Host $host:443;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Port 443;

but the :80 still appear

I will try to dig further into the configuration

Hi, any solutions found ? I have the same issue

Hi everyone,
For our company, when anyone type the url :
http://subdomain.domain.com

or

https://subdomain.domain.com

they are correctly redirected to :

https://subdomain.domain.com/axelor-erp-X.X.X/login.jsp

And the certificate works.
We are on axelor 7.2.5.
We were able to setup APACHE(WEB) / APACHE (TOMCAT) / LET’S ENCRYPT in order to acheive that.
If this is the situation you are looking for, feel free to ask for configuration files.

BTW, our final target would be to have https://subdomain.domain.com showing the app instead https://subdomain.domain.com/axelor-erp-X.X.X/login.jsp
But we did not spend enough time playing with « RewriteRule ».

No one has the same problem with Nginx or Nginx proxy manager ?

Hey Davide,

I encountered the same issue today. After messing around with it. I used this under location for the SSL server block and I don’t get redirected to port 80 any longer when I log out

proxy_set_header X-Forwarded-Port $server_port;

Hi Glitch,
did you use nginx proxy manager ?

what version, maybe I need an update.
Because with the same clause nothing changed!

Hi Davide,

I don’t use NGINX proxy manager. I just use NGINX on ubuntu. Possibly just use regular NGINX instead of the proxy manager version? Could you show me the config file? I could compare it to mine. I definitely had the same issue you had and that worked for me.