I tried and tried variously and Mattermost is installed and can execute it. I use PLESK to manage servers. This time I ignored PLESK and installed Mattermost, Mattermost worked fine. But I want to go through Plesk as much as possible. Because it is the existence of Let’s Encrypt. Plesk encompasses Let’s Encrypt.
I look at multiple conf files on a server using this Plesk, for example, I listen to 443 ports two or three times. So I think that trying to specify backend with nginx’s proxy_pass will cause a redirect error repeatedly.
PLESK Knowledge Database has the following guide.
location ~ ^/(?!.well-known).*$ {
proxy_pass https://127.0.0.1:8065;
port_in_redirect off;
}
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
If I set this, it will result in NGINX’s “502 Bad Gateway” error. Even if I see the error log of NGINX. Pointed out that the version(5.1.12) of Passenger is old.
and
[error] 4389#0: *2 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: CLIENT-IP, server: SERVER-DOMAIN, request: “GET / HTTP/2.0”, upstream: “https://SERVER-IP/index.html”, host: “MATTERMOST-URL”
“Proxy_pass https://127.0.0.1:8065;” Just specifying this will stop my site. I can not even see Index.html (ignoring the 8065 port).
This is a unique way to deal with Plesk, but who knows?
NEXT.
I do not install Mattermost in /opt, and installing in the domain may cause Mattermost to work. However, in this case, it is judged as an invalid certificate and it is an error. I thought I could give Mattermost the authority of the certificate by putting Mattermost in the domain, but it seems not to be the case. However with this method 502 Bad Gateway error does not occur. SSL error or invalid error.
I have doubts about config.json. “ConnectionSecurity” “TLSCertFile” “TLSKeyFile” in ServiceSettings section. Let’s Encrypt is enabled on PLESK, so SSL is working. Add Mattermost to it. I do not seem to work unless I type some characters on those items. If I leave “ConnectionSecurity” blank, an error will remain in Mattermost’s log.
{"level":"error","ts":1533229598.2654252,"caller":"jobs/jobs_watcher.go:70","msg":"Error occurred getting all pending statuses: SqlJobStore.GetAllByStatus: We couldn't get the jobs, Status=pending, invalid connection"}
{"level":"info","ts":1533230153.655869,"caller":"runtime/asm_amd64.s:2361","msg":"http: TLS handshake error from CLIENT-IP:20575: EOF","source":"httpserver"}
{"level":"error","ts":1533233769.2149591,"caller":"jobs/jobs_watcher.go:70","msg":"Error occurred getting all pending statuses: SqlJobStore.GetAllByStatus: We couldn't get the jobs, Status=pending, invalid connection"}
{"level":"error","ts":1533243896.2961688,"caller":"jobs/jobs_watcher.go:70","msg":"Error occurred getting all pending statuses: SqlJobStore.GetAllByStatus: We couldn't get the jobs, Status=pending, invalid connection"}
{"level":"error","ts":1533251112.7517698,"caller":"jobs/jobs_watcher.go:70","msg":"Error occurred getting all pending statuses: SqlJobStore.GetAllByStatus: We couldn't get the jobs, Status=pending, invalid connection"}
What I would like to do is to stop the function of activating SSL on Mattermost’s side. Is this possible?