
Troubleshooting: OAuth2.0 Login Redirect

After successfully migrating our seven SpringBoot microservices to the VPS server, everything seemed to be accessible, except for a few lingering issues that appeared in the bug list.

For instance, opening https://cowpte.com:8710 (the OAuth2.0 client) led to a login redirect problem.

We’ve encountered this issue previously. It stemmed from the OAuth2.0 Authorization Server and the OAuth2.0 Client both running on the same host, localhost. Browsers scope cookies by host name and ignore the port, so the two applications overwrote each other's session cookie. To resolve this, we changed the Authorization Server to 127.0.0.1 and the Client to localhost.

Now, both the Authorization Server and Client are utilizing the cowpte.com domain.

Initially, we attempted to resolve this by adjusting the SSL configuration. I downloaded the Certificate Authority (CA) from GoDaddy’s server and used OpenSSL to generate the Private Key and Certificate. However, there was a mismatch error between the Certificate and Private Key.

Subsequently, we downloaded the Private Key from the server, but the issue persisted, indicating a mismatch between the CA and key.

We explored generating the Certificate and Private Key through the Let’s Encrypt Generator, intending to include domains such as cowpte.com, www.cowpte.com, localhost, and 127.0.0.1. However, the resulting certificate only covered cowpte.com and www.cowpte.com, similar to my current plan. Consequently, this approach didn’t resolve the issue.

Hence, we considered alternative strategies to address the session conflict problem.

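Giving the Authorization Server and the Client their own cookie configuration resolved the issue. The settings below are the Authorization Server's; the essential point is that its session cookie name differs from the Client's.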

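##################
# Cookie
##################
# Session cookie name; replaces the default JSESSIONID so it cannot collide with the Client's cookie
server.servlet.session.cookie.name=mn_authorization_server
# Send the cookie for every path on the host
server.servlet.session.cookie.path=/
# Only send the cookie over HTTPS
server.servlet.session.cookie.secure=true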
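
The collision and the fix can be replayed with Python's standard http.cookiejar standing in for the browser. This is an added example, not code from the original post; the authorization server's port (9000) and the client cookie name mn_client are assumptions, since the post gives neither.

```python
from email.message import Message
from http.cookiejar import CookieJar
from urllib.request import Request

CLIENT = "https://cowpte.com:8710/"  # OAuth2.0 client URL from the post
AUTH = "https://cowpte.com:9000/"    # assumed port, not given in the post
ATTRS = "; Path=/; Secure; HttpOnly"


class FakeResponse:
    """Constructed response; CookieJar only reads headers through info()."""

    def __init__(self, set_cookie):
        self._headers = Message()
        self._headers["Set-Cookie"] = set_cookie

    def info(self):
        return self._headers


def cookies_sent_to_client(client_cookie, auth_cookie):
    """Replay the login redirect; return the cookies the client receives."""
    jar = CookieJar()  # no requests are made, the jar is only filled and read
    # 1. The client starts a session holding the pending authorization request.
    jar.extract_cookies(
        FakeResponse(f"{client_cookie}=client-session{ATTRS}"), Request(CLIENT))
    # 2. Redirect to the authorization server, which starts its own session.
    jar.extract_cookies(
        FakeResponse(f"{auth_cookie}=auth-session{ATTRS}"), Request(AUTH))
    # 3. Redirect back to the client: which cookies does the jar attach?
    callback = Request(CLIENT)
    jar.add_cookie_header(callback)
    header = callback.get_header("Cookie")
    return dict(pair.split("=", 1) for pair in header.split("; "))


if __name__ == "__main__":
    # Both apps on the default name: the client's session id is overwritten.
    print(cookies_sent_to_client("JSESSIONID", "JSESSIONID"))
    # Distinct names (mn_client is hypothetical): both sessions survive.
    print(cookies_sent_to_client("mn_client", "mn_authorization_server"))
```

With distinct names the client still receives the authorization server's session cookie, because cookies are shared across ports on one host; renaming prevents the overwrite but does not isolate the two applications from each other.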
