Persistent ERR_SSL_PROTOCOL_ERROR and Redirect URI Including Port 5678 Issue with n8n OAuth2

Mark_Tic · March 5, 2025, 12:59pm

Description:
I’m running n8n on Docker behind Nginx on a VPS with the domain n8n.[domain_name].io, attempting to authenticate with YouTube using OAuth2. I’m facing an ERR_SSL_PROTOCOL_ERROR and the OAuth Redirect URL keeps including port 5678 and shows https://n8n.[domain_name].io:5678/rest/oauth2-credential/callback. Despite troubleshooting, the issue persists, and I need help identifying the root cause and resolving it.

Environment

n8n Version: 1.81.4
Docker Version: Latest
Nginx Version: 1.22.1
VPS: Hostinger
OS: Ubuntu 22.04

Problem

The redirect URI should be https://n8n.[domain_name].io/rest/oauth2-credential/callback (port 443, HTTPS default), but n8n persists in using https://n8n.[domain_name].io:5678/rest/oauth2-credential/callback, causing ERR_SSL_PROTOCOL_ERROR during authentication.

This is my docker-compose.yml configuration:

version: '3'
services:
  n8n:
    image: n8nio/n8n
    restart: always
    ports:
      - "5678:5678"
    environment:
      - N8N_BASIC_AUTH_ACTIVE=true
      - N8N_BASIC_AUTH_USER=[user]
      - N8N_BASIC_AUTH_PASSWORD=[password]
      - N8N_HOST=n8n.[domain_name].io
      - N8N_PROTOCOL=https
      - N8N_PATH=/
      - N8N_WEBHOOK_URL=https://n8n.[domain_name].io/
      - VUE_APP_URL_BASE_API=https://n8n.[domain_name].io/
      - N8N_RUNNERS_ENABLED=true
    volumes:
      - ~/.n8n:/home/node/.n8n

And this is my Nginx configuration:

server {
    server_name n8n.[domain_name].io;

    proxy_connect_timeout       1200;
    proxy_send_timeout          1200;
    proxy_read_timeout          90m;
    send_timeout                1200;

    client_max_body_size 5G;

    add_header Access-Control-Allow-Origin *;

    location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-Port 443;
        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_http_version 1.1;
        proxy_pass http://localhost:5678;
        chunked_transfer_encoding off;
        proxy_buffering off;
        proxy_cache off;
    }


    listen 443 ssl;
    ssl_certificate /etc/letsencrypt/live/n8n.[domain_name].io/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/n8n.[domain_name].io/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

}

server {
    if ($host = n8n.[domain_name].io) {
        return 301 https://$host$request_uri;
    }


    server_name n8n.[domain_name].io;
    listen 80;
    return 404;


}

Request for Help

I need advice on:

Why n8n continues to include port 5678 in the redirect URI despite correct environment variables and resets.
How to force n8n to use https://n8n.[domain_name].io/rest/oauth2-credential/callback.
Any known bugs in n8n 1.81.4 or Docker configurations causing this.
Additional debugging steps or configuration changes I might have missed.

Please provide insights or suggestions. Thank you!

barn4k · March 5, 2025, 2:11pm

hello @Mark_Tic

you have some issues with the ENVs:

N8N_WEBHOOK_URL - proper name is WEBHOOK_URL (Actually only this one is important for the callback urls)
N8N_BASIC_AUTH_ACTIVE - this one has no effect, basic auth is disabled
N8N_BASIC_AUTH_USER - same
N8N_BASIC_AUTH_PASSWORD - same
N8N_PROTOCOL - should be http, as you have set the HTTPS on the nginx
N8N_PATH - you may remove it, it’s a default
VUE_APP_URL_BASE_API - you don’t need that one

Mark_Tic · March 5, 2025, 3:16pm

Hi @barn4k,
I was losing my mind over this for hours and you just solved it in seconds. Thank you very much

system · March 12, 2025, 3:16pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.