With a lot of trial and error I got both HTTPS and nonstandard ports working on ODK-X Sync Endpoint. I wanted to share the steps I did here so that 1) someone with access to modify the documentation can make it more complete, or 2) someone can tell me if I did something wrong.
For HTTPS, it took me a little bit to realize the “certificate public key” was not just the primary certificate that I used in Apache for a web server at the same domain, but also needed to include the intermediate certificate for my CA and the trusted root certificate. For Digicert, I was able to log in and download a single pem that worked perfectly. Also, in the nginx section in docker-compose.yml I needed to change com.nginx.sync-endpoint.conf to ./config/nginx/sync-endpoint-https.conf.
I am using nonstandard ports because I am running Sync Endpoint in a virtual machine on the same physical host with my web server, and using NAT to access it. If I passed from a nonstandard port on the outside to standard ports on the inside nginx was not able to properly rewrite addresses to access web-ui and odktables. Here are the changes I made to match the internal ports to the external ports:
In config/nginx/sync-endpoint-https.conf I changed the listen ports to the ports I needed. For the unsecured port I added the port to the secure link for redirecting (i.e. https://$host:{port number}$request_uri;).
In the nginx section of docker-compose.yml I changed both the internal and external ports to the nonstandard port numbers. This was in addition to the changes to security.properties in the documentation. I don’t believe the note about port 8080 in the documentation is relevant since nginx is being used in reverse proxy mode to hide that port.
1 Like
It was the same for me and the solution of mcrider did work