Hi,
I just had the same issue but I'm using and nginx + uwsgi setup. Our
entire site is using https.
I thought I'd post how I got it working because it may help others in the
future.
As mentioned put this into settings.py:
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTOCOL", "https")
Nginx config looks like this:
server {
listen 80 default;
server_name example.com;
rewrite ^ https://$server_name$request_uri? permanent;
}
server {
listen 443 ssl;
server_name example.co.uk;
client_max_body_size 10M;
keepalive_timeout 15;
ssl on;
ssl_certificate /path/to/ssl.crt;
ssl_certificate_key /path/to/ssl.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header X-Forwarded-Protocol https;
include uwsgi_params;
uwsgi_param UWSGI_SCHEME https;
uwsgi_pass_header X_FORWARDED_PROTOCOL;
uwsgi_pass unix:///tmp/example.sock;
}
}
I hope this helps!
On Wednesday, 28 November 2012 19:39:27 UTC, Pat James wrote:
>
> I am trying to switch a site over to 100% SSL and am having trouble
> getting the TinyMCE dialogs for inserting images, tables, etc. to render.
> It all works great when unencrypted.
>
> I saw some other threads that seem related but haven't yielded a solution
> for me (yet)...maybe it is in there, but after trying the solutions
> suggested I have not got it working:
>
> https://groups.google.com/d/topic/mezzanine-users/pMSUWGeaLT0/discussion
> https://groups.google.com/d/topic/mezzanine-users/qq_O-WAjIqU/discussion
> https://groups.google.com/d/topic/mezzanine-users/JZ6z6O-VOqs/discussion
>
>
> I guess it is a cross-domain or cross-scheme issue with static_proxy or
> asset_proxy. Looking at firebug, requests such as this:
>
>
> https://www.mydomain.com/asset_proxy/?u=https://www.mydomain.com/static/grappelli/tinymce/jscripts/tiny_mce/plugins/advimage/image.htm
>
> come back with an empty response.
>
> Notes on my configuration:
>
> 1. I have not enabled any of the mezzanine SSL redirection middleware
> or settings. Would that help? I figured they were only interesting if I
> wanted some parts of the site SSL and others not. I'm willing to go down
> that path if it works or enables whatever needs to happen for static_proxy
> to work over https when the page requesting the assets is https
> 2. I am using gunicorn via manage.py run_gunicorn and it is being
> launched by supervisor.
> 3. My nginx.conf looks like this (domain changed to protect the
> guilty):
>
>
> upstream gunicorn-mydomain {
> server 127.0.0.1:8001 fail_timeout=0;
> }
>
> server {
> server_name mydomain.com test.mydomain.com www.mydomain.com;
> listen 80;
> rewrite ^ https://www.mydomain.com$request_uri? permanent;
> }
>
> server {
> server_name www.mydomain.com;
>
> listen 443;
> ssl on;
> ssl_certificate /pathto/www.mydomain.com.cert;
> ssl_certificate_key /pathto/www.mydomain.com.key;
>
> access_log /home/pat/www/log/mydomain/access.log;
> error_log /home/pat/www/log/mydomain/error.log;
> keepalive_timeout 15;
>
> location /static/ {
> alias /home/pat/mydomain/static/;
> }
>
> location /media/ {
> alias /home/pat/mydomain/static/;
> }
>
> location / {
> proxy_pass http://gunicorn-mydomain;
> proxy_redirect off;
> proxy_set_header Host $host;
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> proxy_set_header X-Forwarded-Protocol $scheme;
> }
>
> location /robots.txt {
> root /home/pat/mydomain/static;
> access_log off;
> log_not_found off;
> }
>
> location /favicon.ico {
> root /home/pat/mydomain/static/img;
> access_log off;
> log_not_found off;
> }
> }
>
> Thank you in advance for any help or suggestions of areas to try to
> isolate the problem or conduct further research.
>
> -Pat
>
--
You received this message because you are subscribed to the Google Groups
"Mezzanine Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
