'Download failed' https not working

Hello Everyone,

I have installed onlyoffice docs server 7.2.1 with nginx on localhost port 80 server runs good. When i am using my own ssl certificate then the example run perfectly but if i open any docs.

error: first: yellow : the document couldnt be opened - contact admin -
error: second: red: Download fail
so i press ok back to example page

I am following the installation and ssl add link bellow:

documentation link:
https://helpcenter.onlyoffice.com/installation/docs-community-install-ubuntu.aspx
https://helpcenter.onlyoffice.com/installation/docs-community-https-linux.aspx

my nginx configuration file looks like:

#nginx congiuration file

server {
listen 0.0.0.0:80;
listen [::]:80 default_server;
server_name localhost;
server_tokens off;
root /usr/share/nginx/html;
}
server {
listen 127.0.0.1:80;
listen [::1]:80;
server_name localhost;
server_tokens off;

include /etc/nginx/includes/ds-common.conf;
include /etc/nginx/includes/ds-docservice.conf;
}
server {
listen 0.0.0.0:443 ssl;
listen [::]:443 ssl default_server;
server_tokens off;
set $secure_link_secret verysecretstring;
root /usr/share/nginx/html;
location /cache/files/data/ {
allow all;
autoindex on;
}
ssl on;
ssl_certificate /var/www/onlyoffice/Data/certs/cerficate.crt;
ssl_certificate_key /var/www/onlyoffice/Data/certs/cerficate.key;
ssl_client_certificate /var/www/onlyoffice/Data/certs/STAR.osl.team.ca-bundle;
ssl_ciphers “sdfaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaathththththththththththththththththththththththththdgfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff”;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security max-age=31536000;
add_header X-Content-Type-Options nosniff;
include /etc/nginx/includes/ds-*.conf;
}

onlyoffice and nginx logs are:

/var/log/onlyoffice/documentserver/nginx.error.log

2022/12/10 11:12:03 [error] 16684#16684: 2 connect() failed (111: Unknown error) while connecting to upstream, client: 192.168.2.56, server: , request: “GET /example/ HTTP/1.1”, upstream: “127.0.0.1:3000/”, host: "..com", referrer: "http:*..com/welcome/"

/var/log/onlyoffice/documentserver/docservice/out.log

[2022-12-10T14:51:08.339] [ERROR] [localhost] [192.168.2.56new.docx1670649194639] [uid-113] nodeJS - postData error: url = ****s://..com/example/track?filename=new.docx&useraddress=192.168.2.56;data = {“key”:“192.168.2.56new.docx1670649194639”,“status”:4,“actions”:[{“type”:0,“userid”:“uid-1”}],“token”:“eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiIxOTIuMTY4LjIuNTZuZXcuZG9jeDE2NzA2NDkxOTQ2MzkiLCJzdGF0dXMiOjQsImFjdGlvbnMiOlt7InR5cGUiOjAsInVzZXJpZCI6InVpZC0xIn1dLCJpYXQiOjE2NzA2NjIyNjgsImV4cCI6MTY3MDY2MjU2OH0.FItv53a5qNf7_l1ZdcIjfCqgzoNoAYk1EcPnQVZnaB0”} Error: unable to verify the first certificate
at TLSSocket.onConnectSecure (_tls_wrap.js:1515:34)
at TLSSocket.emit (events.js:400:28)
at TLSSocket._finishInit (_tls_wrap.js:937:8)
at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:709:12)
[2022-12-10T15:53:50.528] [ERROR] [localhost] [192.168.2.56new.docx1670649194639] [uid-1] nodeJS - postData error: url = ****s://
..com/example/track?filename=new.docx&useraddress=192.168.2.56;data = {“key”:“192.168.2.56new.docx1670649194639”,“status”:1,“users”:[“uid-1”],“actions”:[{“type”:1,“userid”:“uid-1”}],“token”:“eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiIxOTIuMTY4LjIuNTZuZXcuZG9jeDE2NzA2NDkxOTQ2MzkiLCJzdGF0dXMiOjEsInVzZXJzIjpbInVpZC0xIl0sImFjdGlvbnMiOlt7InR5cGUiOjEsInVzZXJpZCI6InVpZC0xIn1dLCJpYXQiOjE2NzA2NjYwMzAsImV4cCI6MTY3MDY2NjMzMH0.eJXGSZNSHrqI2duy7Wu-RCF9ha9Z9M42jeQwJHr5RC0”} Error: unable to verify the first certificate
at TLSSocket.onConnectSecure (_tls_wrap.js:1515:34)
at TLSSocket.emit (events.js:400:28)
at TLSSocket._finishInit (_tls_wrap.js:937:8)
at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:709:12)

/var/log/onlyoffice/documentserver/converter/out.log

[2022-12-10T11:11:11.883] [WARN] [localhost] [docId] [userId] nodeJS - update cluster with 1 workers
[2022-12-10T11:11:11.898] [WARN] [localhost] [docId] [userId] nodeJS - worker 16760 started.
[2022-12-10T11:11:11.903] [WARN] [localhost] [docId] [userId] nodeJS - update cluster with 1 workers

Browser OUTPUT looks like:

Please help me if any documentation or videos or any instruction for move on to next steps.

Hello,

Error: unable to verify the first certificate

This error means the document server cannot verify your ssl certificate because of some issues with the trust chain (root/intermediate certificate is missing or issued by some unknown CA). Please open /etc/onlyoffice/documentserver/default.json and change ‘rejectUnauthorized’ value to false. After that run supervisorctl restart all and check the result.

Thank you so much for your reply. I already set ‘rejectUnauthorized’ to false, after restarting open the doc file then the error message comes. error message same as the previous one. also, disable JWT authentication.

Please create an archive of /var/log/onlyoffice/documentserver/ and attach it here.

Download Please click the download link. Everything is perfectly fine when I am using HTTP. In my mind, the problem happens from Nginx reverse proxy. If you find any issues please let me know. Thanks in advance.

Hello,
Are these logs from the actual server? The logs contain no entries related to the above error.

If your Document Server is installed behind Nginx reverse proxy, please use our configuration examples: