After setup ssl for lighttpd, frontend can't connect to backend

[talentdeveloper]

Everything was fine before add SSL for lighttd, but after I add SSL, it's saying Error: Can't connect to the backend! Maybe it is down. on the Ubuntu Server.

And the other question is why apiURL should serverip:1984 in the html/js/config.js file?
When I use 127.0.0.1 instead of serverip, I also couldn't see front end is working with backend.

[moneroexamples]

For ssl support, I think easiest to proxy requests through nginx. I haven't done much with native support of ssl in the openmonero backend.

If your backend and lighttpd are running on localhost and you access the frontend on the same localhost, then should be e.g., apiUrl: "http://127.0.0.1:1984/". If for example, openmonero backend and lighthttpd are on some remote server (on a VPS), then `apiUrl: "http://ip_of_the_server:1984/". The slash at the end is important!

For instance on my vps, I run openmonero (http://139.162.60.17:81) with config of http://139.162.60.17:81/js/config.js?4

[talentdeveloper]

Ok, for ssl support, openmonero will work on nginx server?
Is there any guide for installing on nginx like lighttpd?
FYI

[moneroexamples]

Yes it will run. Front end are just static files, html, js and css. So you can host it from whatever you want. In readme there are minimal instructions for using nginx in docker for that:

https://github.com/moneroexamples/openmonero/tree/devel#nginx-using-docker

But for real life use on mainnet over internet (i.e. not on your localhost, or testnet/stagenet networks) a connection of the frontend to backend needs to be though ssl. For that I don't have any guides. You would have to google how to proxy ssl over nginx. For example:

https://docs.nginx.com/nginx/admin-guide/security-controls/securing-http-traffic-upstream/
https://www.ssltrust.com.au/help/setup-guides/nginx-reverse-proxy-setup-guide

[talentdeveloper]

Should I enable ssl for backend config.js?

openmonero/config/config.json

Line 60 in 1be824a

"ssl" :

[moneroexamples]

Not sure if this will work. I would consider this a legacy code. Its something that was added long time ago, not really tested and probably will be removed, as using nginx seems as a superior solution. You have to remember openmoenro is still very much in development, so not everything is fully done, and native ssl support, is one of these things.

[talentdeveloper]

After I setup ssl for nginx, still it's not working.
Can access backend with https, but it's saying backend down.
:(

[talentdeveloper]

What is the purpose of backend ssl setting?

For ssl support, I think easiest to proxy requests through nginx. I haven't done much with native support of ssl in the openmonero backend.

If your backend and lighttpd are running on localhost and you access the frontend on the same localhost, then should be e.g., apiUrl: "http://127.0.0.1:1984/". If for example, openmonero backend and lighthttpd are on some remote server (on a VPS), then `apiUrl: "http://ip_of_the_server:1984/". The slash at the end is important!

For instance on my vps, I run openmonero (http://139.162.60.17:81) with config of http://139.162.60.17:81/js/config.js?4

Btw, frontend and backend is running on same VPS, In this case, apiURLshould be server_ip_address or 127.0.0.1?
In my case, 127.0.0.1 doesn't work.

[talentdeveloper]

Ok, finally I was able to make it run with SSL.
apiURL should be set with domain name, not ip address in Frontend config.js .
It's working well on Chrome, Edge and Safari.
But there is CORS blocking on Firefox

[talentdeveloper]

P/s: backend config for ssl works well, you don't need to remove it
Thanks @moneroexamples
Please let me know if you have any solution for Firefox.

[moneroexamples]

Good to hear that.

Regarding CORS. At present the backbend is using this:

openmonero/src/YourMoneroRequests.cpp

Lines 1784 to 1788 in 1be824a

	multimap<string, string> headers {
	{"Access-Control-Allow-Origin" , "*"},
	{"Access-Control-Allow-Headers" , "Content-Type"},
	{"Content-Type" , "application/json"}
	};

If you have any recommendations or ideas how to change that, to make it CORS friendly, I would be grateful. Taking care of CORS is one of those things that are on my "to do list", but there has not been time yet to actually look into it, as always something else is poping up that requires attention.

p.s.
Do you use master or devel branch of openmonero? All the recent changes, fixes, are in the devel branch.

[talentdeveloper]

I was using devel branch.
But I need to use a bit older commits hence I have problem with my chain.
I will look into code for CORS hence it's important to run every browser including firefox.
So far so good

[moneroexamples]

Could you provide the error message Firefox is throwing about CORS?

[talentdeveloper]

Oh my gosh, it's working on firefox magically.
It's not working yesterday and I didn't change anything.

[moneroexamples]

Oh ok. Maybe there was something in firefox cash, making it go crazy.

Anyway, glad to hear its working. If something else is going to happen, please let me know.