Stripe not recognizing valid HTTPS on Ghost

Keywords: Ghost - AWS - Technical issue - Plugins installation/configuration

bnsupport ID: efc94a49-ac1c-d0ee-e3d6-2896a5f4e03e

bndiagnostic output:

? Connectivity: Found possible issues
https://docs.bitnami.com/general/faq/administration/use-firewall/

bndiagnostic failure reason: The suggested guides are not related with my issue

Description:
I have setup a ghost instance in AWS for bunkhouse.braxtonmccoy.com following all the prescribed recipes and ingredient but can’t figure out how to get Stripe to recognize that I have a valid Let’s Encrypt certificate. I have sought out any other advice or other tickets/forum posts for a similar issue and tried troubleshooting it myself but can’t seem to find out the issue root cause. This is a brand new AWS image and needs no current updates. Diagnostic only returned one issue related to how I have restricted 22 access (for security), which was intentional and shouldn’t be a part of the problem. The url in /opt/bitnami/ghost/config.production.json shows “ht tps://bunkhouse.braxtonmccoy .com” (spaces intentionally created due to limits on new user posts) and all the common https redirection issues seem to have been worked out, but when I login through the ghost application management interface in the “Settings” and “Membership” sections it still doesn’t allow me to integrate Stripe, saying that HTTPS hasn’t been enabled. Does anyone know what I have failed to configure correctly?

Hi @d1g1t4ldr0pz0n3

Thanks for using Bitnami Ghost!

I have tried accessing your site but, unfortunately, I am not able to do so :frowning: Accessing your domain results in a redirection to localhost:

$ curl -LI http://bunkhouse.braxtonmccoy.com
HTTP/1.1 302 Found
Date: Tue, 05 Oct 2021 08:41:41 GMT
Server: Apache/2.4.49 (Unix) OpenSSL/1.1.1d
Location: https://bunkhouse.braxtonmccoy.com/
Content-Type: text/html; charset=iso-8859-1

HTTP/1.1 301 Moved Permanently
Date: Tue, 05 Oct 2021 08:41:41 GMT
Server: Apache/2.4.49 (Unix) OpenSSL/1.1.1d
X-Powered-By: Express
Cache-Control: public, max-age=31536000
Location: https://127.0.0.1:2368/
Vary: Accept,Accept-Encoding
Content-Type: text/plain; charset=utf-8
Content-Length: 57

Have you performed any recent changes? From your screenshot, it seems that you were able to access the site just fine. Other than that, the certificate itself seems to be properly configured.

$ openssl s_client -connect bunkhouse.braxtonmccoy.com:443
...
Verify return code: 0 (ok)

Best regards,
Jose Antonio Carmona


Was my answer helpful? Click on :heart:

Thanks for replying Jose. I tried to configure the URL last night to https://bunkhouse.braxtonmccoy.com using the ghost config command. It seems like that broke something. I have since restored from backup. Can we look at it together now and try to diagnose the problem? I have checked and it is up and configured as before.

Any chance you can take a look at it now @jcarmona?

I’ve tried multiple brand new, from scratch instances (including the one released today) @jcarmona, and it still says it isn’t protected with HTTPS when it has a valid, newly created Let’s Encrypt certificate. What should I do?

Hi @d1g1t4ldr0pz0n3

I am unsure if Stripe requires further steps to complete the setup process, but everything seems to be in place from Ghost’s point of view.

The certificate is correctly recognized by the web browser:

Screenshot 2021-10-07 at 10.12.16

The certificate can be correctly verified:

$ openssl s_client -connect bunkhouse.braxtonmccoy.com:443
...
    Start Time: 1633592471
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)

Connection using curl does also succeed.

$ curl -I https://bunkhouse.braxtonmccoy.com
HTTP/1.1 200 OK
Date: Thu, 07 Oct 2021 07:43:57 GMT
Server: Apache/2.4.49 (Unix) OpenSSL/1.1.1d
X-Powered-By: Express
...

My advice here is that you reach out to the official community as this does seem to be something related to the application itself and its integration with Stripe. Also, it might be the case that the integration with Stripe is a paid functionality, but again, the Ghost community would have the whole context about it :slightly_smiling_face:

Best regards,
Jose Antonio Carmona


Was my answer helpful? Click on :heart:

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.