I asked in the post itself and will ask here for more visibility
openssl to create the key and cert as the link you provided in the pdf seems…unsafe? There are articles and news about that website having holes.
I created cert and key and used them for nginx. Nginx started successfully even though it has the message
"ssl_stapling" ignored, issuer certificate not found for certificate "/some/path/to/mycert.crt"
When I go through
localhost:80, the auth0 is successfully triggered, so i assume my setup for auth0 is correct. However, once I log in, I get a 404 saying the
Page not found and the url shows
error=unauthorized&error_description=Access denied". I'm not sure why my access is denied. There's no info in nginx's access.log or error.log, and node only shows bunch of /login 302
I have nginx’s
server_name set as
localhost and listening to 80 and 443 as instructed, and my
.env has the callback
http://localhost:3838/callback as that’s where my shiny server is resided.
On auth0 app setting, I allowed
I’m using Ubuntu 18.04 with latest setup
Interesting thing is when I change the
server name to something other than localhost, I can still access auth0 from
localhost (no port number, should be listening to port 80 in my knowledge)
I’m not sure what could have prevented the callback to be successful. Is the callback not happening? Is the page being called not exist?
localhost:3838 (the shiny server) is active and can be directly accessed (something I also need to hide from direct access in the future…)