SSL and MailHog

I can’t seem to get access to MailHog when I have ssl: true.
When I go to https://devsite.dev:8015 I’m getting “SSL Connection Error” in Chrome.

I was having issues accessing the development site with the self-assigned certificate and my solution was to add it through “Keychain Access” (http://stackoverflow.com/a/21106333).

Any ideas why?

1 Like

Try it with http://

It works if I clear cache and navigate with http, but if I navigate to the dev site, https is being forced on that domain and MailHog gets kicked to https as well.

1 Like

The same exact thing happened to me.

At first, I thought nginx was doing the redirect. At the bottom of wordpress-site.conf.j2, there’s a server block listening on port 80 and 301 redirecting to https…but MailHog is on port 8025. So I don’t think that server block even matches the request.

After some research it seems to be the cause of the Strict-Transport-Security response header. Web browsers that receive that header from a domain will add that domain to a cache, and redirect future traffic on that domain to https.

Trellis 0.9.3 added support to configure the max-age property of the Strict-Transport-Security header with the hsts_max_age variable.

I added hsts_max_age: 0,

    # trellis/group_vars/development/wordpress_sites.yml
    ssl:
      enabled: true
      hsts_max_age: 0

ran vagrant provision, and cleared my cache.

I’m now able to access MailHog without any errors (even after refreshing the https site).

As a side note, I learned that you can go to chrome://net-internals/#hsts and enter a domain to delete from the hsts cache (it will get added back as soon as you refresh a page that responds with the Strict-Transport-Security header).

2 Likes
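
An added example, not part of the posts above or of Trellis: a small model of how a browser's HSTS cache behaves under RFC 6797, showing why a plain-http URL on port 8025 is upgraded once the host is cached and why `max-age=0` clears it. The `HstsStore` class and any host names passed to it (such as `example.test`) are constructed for illustration.

```javascript
// Minimal model of a browser's HSTS store (RFC 6797); added example.
// Host names, ports and timestamps used with it are constructed values.
class HstsStore {
  constructor() {
    this.entries = new Map(); // host -> { expires, includeSubDomains }
  }

  // Record a Strict-Transport-Security header seen on `url` at time `now` (ms).
  note(url, headerValue, now) {
    const u = new URL(url);
    if (u.protocol !== "https:") return; // ignored when delivered over http
    let maxAge = NaN;
    let includeSubDomains = false;
    for (const part of headerValue.split(";")) {
      const [name, value = ""] = part.split("=").map((s) => s.trim());
      if (name.toLowerCase() === "max-age") {
        maxAge = parseInt(value.replace(/"/g, ""), 10);
      } else if (name.toLowerCase() === "includesubdomains") {
        includeSubDomains = true;
      }
    }
    if (Number.isNaN(maxAge)) return; // max-age is mandatory
    if (maxAge === 0) {
      this.entries.delete(u.hostname); // max-age=0 forgets the host
    } else {
      this.entries.set(u.hostname, { expires: now + maxAge * 1000, includeSubDomains });
    }
  }

  // True if `host`, or a parent that sent includeSubDomains, is cached.
  isKnown(host, now) {
    const labels = host.split(".");
    for (let i = 0; i < labels.length; i++) {
      const e = this.entries.get(labels.slice(i).join("."));
      if (e && e.expires > now && (i === 0 || e.includeSubDomains)) return true;
    }
    return false;
  }

  // URL the browser really requests. Matching is by host only, so every port
  // on a cached host is upgraded; a non-default port such as 8025 is kept.
  rewrite(url, now) {
    const u = new URL(url);
    if (u.protocol !== "http:" || !this.isKnown(u.hostname, now)) return u.href;
    u.protocol = "https:";
    return u.href;
  }
}
```

Once a host is cached, `rewrite("http://example.test:8025/", now)` returns `https://example.test:8025/`, which is the request that fails when the service on that port only speaks plain HTTP.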

Having the same issue and will give @bryandowning’s solution a go but I’m just wondering if this is definitely the right way to go or will this be addressed in another release?

@bryandowning This solution didn’t work for me, I still can’t access MailHog even after running vagrant destroy and then vagrant up.

I think I might have a different issue than @riveramauro as I don’t get an SSL Connection Error, I get the error ERR_CONNECTION_REFUSED “This webpage is not available” in Chrome.

Any suggestions?

Update: I’ve just re-provisioned the box without SSL and still get the same issue as described above. I’ve cleared all browser cache, and have tried multiple browsers. This doesn’t sound like the same issue so I’ll just open a new thread if no one has any suggestions.

Cheers

Chris

Regarding your question about “the right way”, I did think of something that did not occur to me to try at the time I was having a problem. It might be smarter to configure nginx to allow secure traffic over port 8025 (which I’m not sure how to do, but I think would be pretty easy to search for). The reason I think that would be a better approach is simple — secure traffic is better. It likely doesn’t matter that much from a development environment perspective, but maybe it does matter if you’re transmitting sensitive data on an insecure network. I would think that turning off hsts_max_age in production is definitely not advised unless you’re absolutely sure there are pages served by your domain that need to be served on an insecure connection (turning it off just to access something like MailHog is almost certainly not a valid justification).

Regarding your ERR_CONNECTION_REFUSED problem, I would go ahead and open a new thread for that. A couple of things you should verify: ansible roles were completely installed without errors, vagrant up worked without errors, you only have a problem with MailHog (you can access WordPress without errors).

Thanks for the explanation and further tips!

Chris