Chrome doesnt load external script after using nginx and lets encrypt

I am currently using nginx reverse proxy for my website, which has subdomains and used let’s encrypt as the ssl authority. My website works fine in firefox and safari. However in chrome, My website doesnt seem to load the external scripts as it constantly fails.I even tried to see if the requests are reaching my proxy server,which it doesnt. Hence, it doesnt load any of my external script. It gives a net:ERR_FAILED. I have added the screenshots of the console log. However, self signed certificates load the website.

Here is how I call the external script:

<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0/jquery.min.js"></script>

Here is the code of my nginx server:

upstream platform {
    server 127.0.0.1:8081;
    #server 192.0.0.1 backup;
}

server {


        index index.html index.htm index.nginx-debian.html;
        server_name test.example.com; # managed by Certbot
        add_header Access-Control-Max-Age 3600;
        add_header Access-Control-Expose-Headers Content-Length;

        location / {
                # First attempt to serve request as file, then

                if ($request_method = OPTIONS) {
                        add_header Access-Control-Allow-Origin *;
                        return 204;
                }
                proxy_set_header Host test.example.com;
                sub_filter "127.0.0.1:8081" "test.example.com";
                proxy_pass http://test;
                include /etc/nginx/proxy_params;
        }
        location /.well-known/ {
                root /var/www/html/;
        }

        listen [::]:443 ssl; # managed by Certbot
        listen 443 ssl; # managed by Certbot
        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
        ssl_certificate    /etc/ssl/certificate.crt;
        ssl_certificate_key    /etc/ssl/private.key;
}




server {
        if ($host = test.example.com) {
              return 301 https://$host$request_uri;
        } # managed by Certbot
        listen 80 ;
        listen [::]:80 ;
        server_name test.example.com;
        return 404; # managed by Certbot
}

This works when it is a self signed certificate. Could it be a problem with my ssl certificate?

If you don’t share us your domain name, no one can guess what’s the exact issue.

Sorry for that. I have put it on top

It’s fine to use a free certificate on subdomains.
However, that’s not an Let’s Encrypt certificate, it’s powered by ZeroSSL.

Looking at your website, it seems like the jQuery.min.js is already loaded, and you are doing the script tags correctly…

Does other resources served on cloudflare cdn also fail?

Yes all other scripts also fail. I used Lets encrypt first but it failed. I used self signed certificate and it worked. I tried another ssl authority, but it also fails. It does even send a get request to my own subdomain. Without ssl, it works fine. I have even added the CORS header to prevent it but chrome doesnt seem to give any kind of error. The request doesnt seem to ever hit the server. So I believe the browser is blocking the request?

That’s awkward. Because there’s no issue loading the website from my browser (Comcast, USA). Maybe there’s some networking issue on your internet?

Are you using chrome? This seems to work on all other browsers - safari, firefox, edge .

I’m using the new edge (chromium).

Please try with chrome. It works on edge. Could it be a problem with the ssl certificate? However a similar website using the same base code seems to work fine. I see that they use a leaf certificate. Does this have any difference?

You are also using a leaf certificate. The pre-certificatr is the one submitted to CT log. I don't think this is caused by the certificate you installed, however I'm not quite sure what's the real cause... Sorry

P.S. on my chromium edge, it's showing Google Tag Manager failed to load with the same error message.

Could it be my nginx server config?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.