FIX: Mixed Content Errors while serving ODOO POSBOX over HTTPS

In this article, we`ll check different approaches to fix the mixed content errors we received in ODOO, served over HTTPS, while connecting with POSBOX. But before starting we need to know some basic terms related to it, lets begin:

What is HTTPS ? What are the benefits of using HTTPS over HTTP ?

When we visit a web page using HTTP protocol, your connection to the website is not secured. Hackers can easily do eavesdropping here, and can stole your data which webpage and your server communicates.

That’s why we have HTTPS protocol, The ‘S’ at the end of HTTPS stands for ‘Secure‘. It means all communications between your browser and the website are encrypted. This keeps your information safe from hackers. HTTPS is extremely important if we are using any payment gateways or other password related things in your websites.

What is “mixed content”?

Searching for an experienced
Odoo Company ? Read More

Mixed content error occurs when we try to access a web page which is on HTTPs but the web page’s source code is also pulling some other resources with the insecure HTTP protocol. In this scenario, browsers display a warning/error message saying that the page has both HTTPS and HTTP content, i.e MIXED CONTENT.

Odoo POSBOX blocked by “Mixed Content” Security Policy

After migrating ODOO from http to https, posbox stopped working we have this mixed content problem which prevents loading http resources from a page served in https. In other words if your point of sale is served over https, browser will block the http connection to the posbox. Error message which we are receiving in browser is something like :

Mixed Content: The page at ‘https://192.168.1.78/pos/web/#action=pos.ui‘ was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ‘http://192.168.1.93:8069/hw_proxy/hello‘. This request has been blocked; the content must be served over HTTPS. send @ web.assets_common.js:954

There are several approaches to fix this issue, which i `ll explain in this article:

Approach 1: Deactivate mixed content security in your browser. [ Works only with Firefox, No workaround found for Chrome/Safari till date ]

To disable mixed content warnings in Firefox open Firefox, enter about:config into address bar and hit Enter. Using the search box, search for a setting called security.mixed_content.block_active_content. Once you have found it, set it to false.
Unfortunately we can`t disable this security in case of Chrome or Safari, we have to use some other approaches in order to fix this issue.

Approach 2: Serve the point of sale over http. [ Have to compromise with loading some of ODOO data in plain HTTP ]

We can serve our point of sale in plain HTTP, and rest of our ODOO as HTTPS by configuring nginx to only serve the point of sale route /pos/web in HTTP.

Check sample nginx configuration file having this setup, LINK

Approach 3: Migrate POSBOX as well, in HTTPS. [ Best Approach Found till date ]

Install & configure nginx in posbox also, and append https:// with the IP address while configuring in your Point of Sale.

I have created a image having nginx properly installed and configured in it, if someone looking for the same, can use it. what you need to do is :

Download Image [NEW]ODOO-POSBOX-HTTPS.zip
Extract it, and burn it in the memory card, same way as you did for original posbox image.
Run your posbox, if you hit your posbox ip address in browser as : https://<posbox-ip-address> , you`ll see your POSBOX default homepage.
Put this https://<posbox-ip-address>, in your Point-Of-Sale configuration as:
That`s it…

Thanks for reading this blog !!! I hope it will help someone.

Your opinions, comments and suggestions are important to keep this extension updated and more usefull !!!

Mohit Chandra

6 Badges

24 May 2019

52 comments

Didierh Feb 9, 2021 at 2:12 am

Excellent tutorial, had you figure out how its works with images posboxless on RP4?

Mohit Chandra (Moderator) Feb 16, 2021 at 1:57 pm
Thanks for your feedback. I never tried it with images posboxless on RP4, but i think if such issues raised on that, this solution will work for images posboxless on RP4 as well.
Thanks

Jorge Saavedra Jun 29, 2020 at 2:20 am

Muchas gracias por la información, estuve 2 días navegando en internet buscando una solución… funcionando perfecto. Saludos

Anisha Bahukhandi (Moderator) Jul 2, 2020 at 6:03 am
Hola,
Muchas gracias por sus valiosos comentarios.
¡Manténganse al tanto!

Hello Jorge Saavedra,
Thank you very much for your valuable feedback.
Stay Tuned!

Regards
Anisha Bahukhandi

Jamal Mar 31, 2020 at 3:32 pm

Hi,

i am using odoo V10 and the posbox image is not hiting to my ip address (https:// posbox ip address:8069

Anisha Bahukhandi (Moderator) Apr 9, 2020 at 12:23 pm
Hello Jamal,

Drop us a mail at [email protected] or raise a ticket to get better and quick assistance.

Regards
Anisha Bahukhandi

Herman Vercuiel Nov 30, 2019 at 3:35 pm

Thanks so much for this. The PosBox connects fine.. with the https:://address. However getting SSL_ERROR_RX_RECORD_TOO_LONG when trying to print KOT order (Kitchen Order)

I also added https:// to the KOT printer. Any Advice?

Mohit Chandra (Moderator) Feb 16, 2021 at 2:03 pm
This usually means the implementation of SSL on your server is not correct. The error is usually caused by a server side problem which the server administrator will need to investigate.
You can create a ticket at https://webkul.uvdesk.com/en/customer/create-ticket/ w`ll definately try to help you
Thanks

Matt Nov 5, 2019 at 12:29 pm

Hi Manish. Please share the steps taken to edit a posbox image to add new packages to it. I needed to add CUPS to it. Thanks.

Manish Bisht Nov 12, 2019 at 7:57 am
Hi,

It seems that you are trying to connect printers on your network to your POS.
As CUPS is entirely a server & that needs a proper setup from scratch including dependencies.

We are also working in the same direction, i.e integrating CUPS, Bluetooth & some other peripherals into POS to connect to external devices.

You can create a ticket at https://webkul.uvdesk.com/en/customer/create-ticket/ in case you have similar requirements.

Thanks,

Nicolas Sopizet Nov 2, 2019 at 5:34 pm

Perfect. Work out the box for me v11 community hosted on public cloud w/ ssl. clients / Android 8. /fire.
Many thanks for time saved and elegant workaroud.
best regards

Mohit Chandra (Moderator) Feb 16, 2021 at 1:57 pm
thanks

Simon Gottberg Jun 24, 2019 at 1:53 pm

Hi, does this work with Odoo 12? If not then do you plan to make a image with IoT Box with Nginx?

Manish Bisht Jun 25, 2019 at 6:19 am
Hi,

The image uses the latest version available from Odoo. So, it should work with Odoo 12.
Try once!!

Thanks,

Andreas Hochuli Jun 17, 2019 at 8:05 am

Hi,
In order to establish a connection to the POSBox via https, I first have to open the default page of the box via https in the browser I intend to run Odoo POS and accept, that I want to access this address even without a valid SSL certificate. As far as I know, accepting this exception gets reset from time to time by the browser. Is there a possibility to make this permanent? I don’t thnik that it is possible to somehow get a valid certificate for a local IP address.
Thanks

Manish Bisht Jun 25, 2019 at 6:29 am
Hi,

Yes, the script is setup to generate new certs on every boot. The exception should be accepted by browsing the default page once before use.
It’s not possible to get valid certs for a local IP.

Thanks,

Kai Brossmann Jun 20, 2020 at 5:38 pm
Did anyone solve the issue yet? I.e. that you have to first open default page and except the self-signed certificate before starting POS? I’ve heard that if might be possible to extend the letsencrypt certificate somehow to your posbox. Any help welcome.

- Mohit Chandra (Moderator) Feb 16, 2021 at 2:10 pm
  you need to install some webserver nginx/apache on your posbox to fix this issue completly, did you tried Approach 3 of my post?
  You can create a ticket at https://webkul.uvdesk.com/en/customer/create-ticket/ for better communication with good response time 🙂
  Thanks

Mike May 22, 2019 at 7:48 pm

the Image file provided in solution 2, will not get an IP address, it is set to 192.168.1.199. where can we get the newest version?
also when will the letsencrypt version be available?

Manish Bisht May 28, 2019 at 10:45 am
Hi,
Please try newer image uploaded. Earlier, the update wasn’t published on blog properly.

Letsencrypt doesn’t offer certs on IPs(local or Public).
You would be able to use Letsencrypt certs only if you map a public domain to it.

Thanks,

Shirly asprilla ramirez May 8, 2019 at 2:45 pm

Hola,
tienen idea si alguna de estas soluciones se ha implementado en la nueva versión del posbox (IOT Box) y ha funcionado?
Gracias.

Manish Bisht May 13, 2019 at 2:01 pm
The attached image is of v17. You can download & burn it normally.

As the private IP can be different for everybody, the image has been provisioned to read the local IP on every boot & generate self-signed certs for itself. You would then be able to access it over 443(https/SSL).

So you would need to map a static IP to your POS & accept the SSL certs in order to use it over SSL.

Juan Apr 1, 2019 at 9:51 pm

Thank you for writing about the different alternatives to solve this issue.

I just tried your new.img by flashing it as the posboxv15.img, however the “new” box does not create a wireless access point. Instead the Posbox Status printed shows two IP adresses 127.0.0.1 and 192.168.1.199.

Then, I connected directly through the ethernet interface to my laptop and I can reach the configuration page through http://192.168.1.199:8069 (not https). I see that I have v17, however, when I go to the WiFi configuration page, there is no neighbouring SSID offered, although the box with the standard image v15 sees, besides mine, all of the multiple neighbouring routers in the vicinity.

Is this an expected behaviour? Am I missing some step in the setup of this special image?

Thanks in advance,

Juan.

Manish Bisht May 14, 2019 at 5:54 am
Hi,

You may try our new image. This time it reads the local IP received via DHCP protocol. Browse the IP over https(without 8069).

If you plug in the ethernet cable, all Wi-Fi related functionalities will be disabled as a wired network connection is available.

Thanks,

- Juan José Trujillo May 23, 2019 at 4:22 am
  Thank you Manish for your answer,
  
  Indeed what I explained earlier has been experienced with new.img (v17?) and unfortunately there seems to be something wrong with the IP taken by the PosBox (RP3). My systems take an address in 192.168.0.xxx from the router, however the PosBox takes (apparently) the address 192.168.1.199.
  
  The address of the posbox is always the same, independently of turning it on w/o connecting it via cable to the router. When I check my router, then the system is connected, however no IP has been provided to the system. There must be an issue with the DHCP in this image.
  
  - Manish Bisht May 28, 2019 at 10:42 am
    Hi,
    
    Please try newer image uploaded. Earlier, the update wasn’t published on blog properly.
    
    Thanks,

Rob Mar 15, 2019 at 7:44 pm

Is there a build of this for V17?

Jamal Mohamed Jan 13, 2019 at 10:32 am

Hello,
I tried approach number 3! Printing client bill is on! But I can. It print kitchen ticket!

Any idea how to fix it?

Mohit Chandra (Moderator) Jan 25, 2019 at 4:33 am
Hi,
Can you elaborate your issue, if possible can you copy-paste the exact error you are getting in browser`s console or in odoo log here.
You may raise a ticket (https://support.uvdesk.com/en/customer/create-ticket/) to better handle your request.
Thanks

- Herman Vercuiel Nov 30, 2019 at 4:19 pm
  I have this isssue too Mohit.. Have you tested it with KOT print outs? You get SSL_ERROR_RX_RECORD_TOO_LONG:
  
  To reproduce:
  1) Set PosBox IP https://address
  2) set Order printer https://address (can be same as above)
  [ NOTE, you need to set product category for the printer]
  
  Print bill works, but when you select a product in product category selected in order pinter category > this will make the “Order” button go green > Clicking this should print a KOT slip for the products to be made
  
  Bill printer is fine, but order printout doesnt work
  
  - Mohit Chandra (Moderator) Feb 16, 2021 at 2:06 pm
    is this problem solved at your end ? if not Can you tell me which approach you followed ?
    You can create a ticket at https://webkul.uvdesk.com/en/customer/create-ticket/ w`ll definately try to help you
    Thanks

Jamal Jan 12, 2019 at 7:21 pm

Hello,
I did approach 3! We have posbox in a restaurant so, we have print for kintchen!

So, I can find the posbox with this (https://posbox-up-address)

Put when I enter manually in odoo hardware/proxy material this one (https:// posbox-ip-address ) and same for IP address for kitchen print, doesn’t work!

Any idea from your parte?

Because I don’t understand why hardware don’t work for client ticket and kitchen ticket…

Best regards,

Mohit Chandra (Moderator) Jan 25, 2019 at 4:43 am
Hi,
Can you elaborate your issue, if possible can you copy-paste the exact error you are getting in browser`s console or in odoo log here.
You may raise a ticket (https://support.uvdesk.com/en/customer/create-ticket/) to better handle your request.
Thanks

Ali Amer Dec 23, 2018 at 11:27 pm

I’ve downloaded it but it didn’t work for me (Odoo Version 10)
I’m using Apache installed on my cloud server with letsencrypt

can you share the nginx configurations to set it up to the newer version of iot box
Thanks

Mohit Chandra (Moderator) Jan 25, 2019 at 4:43 am
Nginx conf file: https://raw.githubusercontent.com/mohitg1213/odoo_scripts/master/odoo-ssl

Please let me know if i can help you anywhere.
Thanks

Steve Oct 5, 2018 at 12:40 pm

Would you know how to do option 2) using apache rather than nginx?

Mohit Chandra (Moderator) Jan 25, 2019 at 4:41 am
it can be done using apache rather than nginx but installing apache2 webserver on posbox/pi might not be the best choice, as nginx is very lightweight compared to apache2. I hope you are getting my point.
Thanks

Mouchl Oct 2, 2018 at 8:48 am

Hello,

We have downloaed the image from approache2 and burned it on SD card. It s working fine.
But when i shut down the PC or reboot, Odoo doesnt connect automatically to the pos.
Whe have to type https://IP_of_POSBOX and then it conencts..

Do u have any idea?
We are using firefox.

Mohit Chandra (Moderator) Dec 28, 2018 at 4:21 am
Hi,
Generally pos automatically searches for any available posbox ip in the network, if you have a static ip of posbox, you can configure it on ODOO, and in place of typing posbox IP manually in the browser, you can click on refresh button on POS itself to search for it.

Please let me know of you have any problem, i`ll share some screenshots then to explain you.
Thanks

Ths Sep 9, 2018 at 10:06 am

Hi, thanks for your help.

It is not working for me without accepting the self-signed certificate after entering the IP address of the POSbox over HTTPS.

Is the solution with Letsencrypt still on a way ?

Mohit Chandra (Moderator) Jan 25, 2019 at 4:36 am
Is the solution with Letsencrypt still on a way?

Yes, I`ll soon update the image as well and my blog.

Ths Sep 9, 2018 at 9:34 am

Thanks for the help. For the third approach, it is not working for me. No way to reach the page over https directly. Certificate are not “safe” because of auto-signed. I need to accept the certificate on https:// before using the POS over HTTPS.

Does a way exist to make that automatically ? Idea of Letsencrypt was a good idea, maybe did you add it now ?

Thanks.

Mohit Chandra (Moderator) Jan 25, 2019 at 4:45 am
Yes, I`m working on letsencrypt or self-signed certificates implementation with posbox. I`ll soon update my blog accordingly.
Thanks

ER Oct 10, 2017 at 12:26 pm

can you point out how to do Option 2?

Br,
Egon

Mohit Chandra Oct 12, 2017 at 6:43 am
Hi @egonraamat:disqus ,
Approach 2: In case you are using the Point of Sale module in combination with a POSBox, you must disable the HTTPS configuration for the route /pos/web to avoid mixed-content errors, by modifying nginx configuration file, as:

ADD:

# Redirect POS to http
location ~ ^/pos/web {
rewrite ^(.*) http://$host:8069$1 permanent;
}

and restart nginx

You can also check sample nginx configuration file having this setup from this link :
https://raw.githubusercontent.com/mohitg1213/odoo_scripts/master/odoo-ssl

Thanks

- Ali Amer Dec 23, 2018 at 11:29 pm
  Can you provide it in apache , letsencrypt ?
  
  - Mohit Chandra (Moderator) Jan 25, 2019 at 4:45 am
    Yes, I`m working on letsencrypt or self-signed certificates implementation with posbox. I`ll soon update my blog accordingly.
    Thanks
    
Webkul Support Oct 12, 2017 at 8:30 am
Hi ER , In case you are using the Point of Sale module in combination with a POSBox, you must disable the HTTPS configuration for the route /pos/web to avoid mixed-content errors, by modifying nginx configuration file, as:
ADD:
# Redirect POS to http location ~ ^/pos/web { rewrite ^(.*) http://$host:8069$1 permanent; }
and restart nginx
You can also check sample nginx configuration file having this setup from this link :https://raw.githubusercontent.com/mohitg1213/odoo_scripts/master/odoo-ssl
Thanks
— With Best Regards, Mohit Chandra (WebKul Team)

ER Oct 3, 2017 at 11:25 am

thank you for your work. This helped me out a lot. Maybe to implement letsencrypt to avoid certification error and consider updating v16 image also up front?

Br,
ER

Webkul Support Oct 6, 2017 at 4:01 pm
Thanks for appreciating our efforts, yes we are looking for enabling letsencrypt and other solution to avoid paid certificates on POSBOX

- Ecointegrador. Jan 20, 2021 at 6:15 pm
  To print on Kitchen Printer:
  
  Para Imprimir en impresora de cocina:
  
  https::443
  
  example:
  
  https://192.168.0.162:443
  
  Thanks to Mohit Chandra Image of Posbox
  
  - Anisha Bahukhandi (Moderator) Jan 27, 2021 at 11:58 am
    Hello,
    Kindly elaborate your query so that we can assist you accordingly.
    Regards
    Anisha Bahukhandi

FIX: Mixed Content Errors while serving ODOO POSBOX over HTTPS

Opencart Marketplace Point of Sale System (POS)

WooCommerce Marketplace Point Of Sale System

Laravel eCommerce Multi-Tenant SaaS POS Module

WooCommerce Point of Sale

Leave a Comment Cancel Reply

52 comments