HTTPS with with trusted certificate seems to be broken - lgallard/qBittorrent-Controller GitHub Wiki

Problem

Youy have a server publicly accessible, encrypted with a certificate issued by valid CA (example, startssl.com). When opening the web interface in a browser it works fine and Chrome has no problem with the certificate nor the issuer's certificate for that matter. But after one of the recent updates of the qBittorrent Controller, (2-3 months or so) you get the following toasts "A network failure" - "IP address / hostname could not be reached". Since the certificate is not self-signed you have not provided keystore nor keystore password.

Solution

@thetrompf found and share a workaround here HTTPS with with trusted certificate seems to be broken

Apparently qbittorrent-nox does not comply the strict SSL policies chrome on mobile requires, so you have to use nginx to resolve the SSL layer and then proxy pass to the qBittorrent Web UI via http, so no SSL enabled at the qBittorrent Web UI end.

Here is the settings he used:

/home/<qbittorrent-user>/.config/qBittorrent/qBittorrent.conf:

...
WebUI\Port=8081
WebUI\HTTPS\Enabled=false
...

/etc/nginx/sites-enabled/qbittorrent

server {
        listen 8080 ssl;

        # Make site accessible from https://qbittorrent.example.com:8080
        server_name qbittorrent.example.com;

        location / {
                proxy_pass http://localhost:8081;
        }

        ssl_certificate /etc/nginx/ssl/server.crt;
        ssl_certificate_key /etc/nginx/ssl/server.key;

        ssl_session_timeout 10m;

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

        ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES$

        ssl_dhparam /etc/nginx/ssl/dhparams.pem;
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:10m;
}

He used startssl.com to get a free SSL certificate, and weakdh.org to setup nginx SSL correctly.