[Deployment] When HTTPS is changed to a port other than 443, it cannot log in normally.

[Evangelove]

OpenIM Server Version

v3.8.1

Operating System and CPU Architecture

Linux (AMD)

Deployment Method

Docker Deployment

Issue Description and Steps to Reproduce

The network environment consists of one internal host and two testing hosts. One testing host (B) is on the same network as the internal server (A), while the other testing host (C) is on a different network. All three machines can access the internet normally.

When I deployed OpenIM using Docker, the HTTP protocol was functioning properly within the internal network. According to the configuration requirements for the website's Nginx deployment, I modified the domain name and certificate. Host C can access the PC-Web page at https://web.datashare.top:1443/ via the internet, but the login is consistently unsuccessful. Upon inspecting the API request, I found that it is attempting to access https://web.datashare.top/chat/account/login, but is missing port information. Below is my Nginx configuration file:

upstream msg_gateway { server 127.0.0.1:10001; } upstream im_api { server 127.0.0.1:10002; } upstream im_chat_api { server 127.0.0.1:10008; } upstream im_admin_api { server 127.0.0.1:10009; } upstream minio_s3_2 { server 127.0.0.1:10005; } upstream pc_web { server 127.0.0.1:11001; } upstream openim_admin { server 127.0.0.1:11002; }

server { listen 1443 ssl;
server_name web.datashare.top; ssl_certificate "/ext/server.crt"; ssl_certificate_key "/ext/server.key";

gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_comp_level 2;
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png application/wasm;
gzip_vary off;
gzip_disable "MSIE [1-6]\.";

default_type application/wasm;

location / {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_pass http://pc_web/;
}

location /msg_gateway {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_pass http://msg_gateway/;
}

location ^~/api/ {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Request-Api $scheme://$host/api;
    proxy_pass http://im_api/;
}

location ^~/chat/ {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_pass http://im_chat_api/;
}

location ^~/im-minio-api/ {
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_connect_timeout 300;

    proxy_http_version 1.1;
    proxy_set_header Connection "";
    chunked_transfer_encoding off;
    proxy_pass http://minio_s3_2/;
}

}

server { listen 1443 ssl;
server_name admin.datashare.top;
ssl_certificate "/ext/server.crt"; ssl_certificate_key "/ext/server.key";

gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_comp_level 2;
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png application/wasm;
gzip_vary off;
gzip_disable "MSIE [1-6]\.";

default_type application/wasm;

location / {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_pass http://openim_admin/;
}

location /msg_gateway {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_pass http://msg_gateway/;
}

location ^~/api/ {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Request-Api $scheme://$host/api;
    proxy_pass http://im_api/;
}

location ^~/chat/ {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_pass http://im_chat_api/;
}

location ^~/complete_admin/ {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_pass http://im_admin_api/;
}

}

server { listen 80; server_name web.datashare.top; rewrite ^(.*)$ https://$host$1 permanent;

return 301 https://$host:1443$request_uri;

}

Screenshots Link

No response

[OpenIM-Robot]

Hello! Thank you for filing an issue.

If this is a bug report, please include relevant logs to help us debug the problem.

Join slack 🤖 to connect and communicate with our developers.

[Evangelove]

By adding port 1443 in Postman and testing https://web.datashare.top:1443/chat/account/login, it successfully returns the token and other information.