[SOLVED] Https not working, new install

I’m new to RocketChat and having a devil of a time getting https to work. My setup is

  • Ubuntu 18.04 (all updates applied)
  • app installed via snap
  • followed the Caddy instructions to get SSL going, no errors during install
  • this is a hosted server at Ionos
  • a subdomain has been created (chat.domain.com)
  • it works fine if I go to http:// chat.domain .com:3000
  • it does not work if I go to https:// chat.domain .com:3000 >> Firefox Error code: SSL_ERROR_RX_RECORD_TOO_LONG
  • it does not work if I go to http:// chat.domain .com
  • it does not work if I go to https:// chat.domain .com
  • I’m running ufw on the box
  • the box is directly on the public Internet
  • checking Caddy status it shows active
  • my Administration> General> Site URL shows https:// chat.domain.com


I don’t think I need a reverse proxy (you tell me). Ignore the ‘http:// (space)chat’ or the (space).com, that’s just to get around forum limitation.

Any help would be appreciated.


Version 2.4.11
Apps Engine Version 1.11.2
Database Migration 170
Database Migration Date May 18, 2020 4:49 PM
Installed at May 18, 2020 1:19 PM
Uptime 22 minutes, 42 seconds
Deployment ID blahblah
PID 1121
Running Instances 1
OpLog Enabled

Runtime Environment

OS Type Linux
OS Platform linux
OS Arch x64
OS Release 4.15.0-101-generic
Node Version v8.17.0
Mongo Version 3.6.14
Mongo Storage Engine wiredTiger
OS Uptime 23 minutes, 9 seconds
OS Load Average 0.00, 0.00, 0.00
OS Total Memory 1.92 GB
OS Free Memory 559.09 MB
OS CPU Count 2

Instead of 3000 forward that to port 443.

Well, one of those FM (fricking magic) fixes. It started working on its own.

What I think happened is that

  • I had my chat.domain.com DNS entry
  • ran the Caddy install for the Let’s Encrypt
  • tested https, no go
  • 2hrs later I though ‘Hey! Do I need port 80 open on the firewall for Let’s Encrypt?’ Let’s do that now.
  • tested (and minor cfg changes) https for the next couple hours, still failed
  • about 6hrs later I tried it and it worked fine
  • my guess is that Let’s Encrypt failed straight off then it tried again and later Let’s resolved properly against port 80+443

I can now go straight to https://chat.domain with the SSL working and no :3000 port needed. Happy, happy now. Almost ready for production. Just backup and restore procedures need testing.

Thanks for the suggestion AnotherUserName but it wasn’t needed.

1 Like