CommCare HQ error during fresh installation

When I run the command update-code, it reverts back my changes that I did in src file to original github status. I did not download updates from github, I have made local changes in the code as per suggestion of @cellowitz.
The issue is still present with formplayer making all request with https.

Hi @daler

There are a few things going on here, and I'd like to unpack them.

The issue is still present with formplayer making all request with https.

There are two approaches you can take:

  1. As @cellowitz mentioned, edit the file, which is in the same directory as the formplayer.jar file. Change "" to "". Then restart Formplayer:

    $ commcare-cloud <env> service formplayer stop
    $ commcare-cloud <env> service formplayer start
  2. As @cellowitz also mentioned, the difficulty with the first approach is that when deploying Formplayer with the command ...

    $ commcare-cloud <env> deploy formplayer

    ... it will overwrite the file, and revert to using https. That is why @cellowitz suggested that code change to the template. It would allow you to deploy Formplayer without changing the file again.

But, in turn, updating the commcare-cloud code will try to revert your change to the template. :confused: So we've really just kicked the can a little further down the road.

All of the permanent solutions I can think of (like making the protocol configurable) are more complicated and would take a lot more effort.

So I would suggest going with the first approach: Edit the file, and restart Formplayer. And whenever you deploy Formplayer (about once a month), remember to edit the file again.

I hope that this approach fixes the issue, and keeps things relatively simple. (If someone can contribute a better approach, that would be great. Please let me know.)


There are now a very strange issue. The default installation of PostgreSQL is on port 5432, but when I run commcare-cloud install inside the file the port is 6432. Because of this the postgres part doesn't get its configuration and its showing me an error on PostgreSQL service. Can you please tell me why suddenly the deploy-stack command installs PostgreSQL on port 5432 but the configurations part points to 6432?

All deploy-stack commands and deploy commcare runs successfully but then on check_services now it says PostgreSQL is not running on port 6432, while the installation itself sets the port to 5432 but then later it points to 6432?

Ok, so I have edited the port to 5432 and restarted the commcare services. It is working now and check_services is not showing any error. I have also updated the file and removed the https from formplayer.

However, there are still errors. This one is the latest error that Im getting:

Can you please suggest what is causing this? Checking the formplayer-logs doesn't show any error so I guess now its not related to formplayer but to some other component?

Hi Daler,

Can you share what error you saw, for which you changed the port for PG to 5432?
I believe 6432 is port for for pgbouncer.


The error of postgres is just a default error, saying is postgres running. Thats it. Also, when I restart the server postgres stops working. Was there any updates to the codes that is causing it?

This is the current error in postgresql, when I restart the server. The command that I run is commcare-cloud <env> after-reboot all.

I checked the folder which is an error in the message /opt/data/postgresql/14/main actually doesn't exist.

Does it mean that ansible scripts don't create those data folders for PostgreSQL?

When I have a clean installation without a reboot, PostgreSQL is working, but when I restart the server PostgreSQL stops working with that error. As I understood by googling, it happen because the config files is in one folder and data folder is in separate place. In order to run it with this config you need to specifically point to postgresql.conf file. But I don't know how the ansible scripts are working and running those PostgreSQL commands. Would be glad for your support.


Thank you Norman for your support. Your response helped me with the error of PostgreSQL service not running. Now, I do have another error. I have shared it previously but didn't get an answer for that. When I do clean installation and deployment of CommCare HQ it runs fine and everything installs fine without error. But for some reason the Postgresql port is different and on the port for Postgresql is different.

Here is the screenshot of the error:

AS you can see, right after installation it throws an error because the Postgresql port is 5432 but then for some reason ports for PostgreSQL is set to 6432.

Can you please share why it happens?

Hi @daler

It turns out, this is expected. CommCare HQ uses PgBouncer for PostgreSQL connection pooling, and its default port is 6432. Your settings in are correct.

Hi Norman,

Thanks a lot for your help. Almost on finish line )

Now running the command django-manage check services doesn't show any error and everything is up and running.

However, Im having an issue with formplayer not working, even though it says its online. This is an error that I get from preview-app.

I have also checked the formplayer-log and no error is there. Seems like the requests doesn't get to formplayer service. I have modified the as per comments in this thread to disable the https requests for formplayer URL.

Thanks again for all the support

Quesiton #2. Can we disable https option and not use it at all? The system will run in the private VPN environment and https is not that important for us. I would love if you can guide me how I can turn it off for the whole instance.

Hi there Daler,

Your screenshot shows that Formplayer is returning a 403 error. (More information on HTTP 403.) So it seems that the HTTP request is reaching Formplayer, but the request is not using the correct credentials.

Formplayer's database details are in its file. Can you confirm that you can connect to Postgres as the user configured in there, that the database exists and has tables?

In fact, maybe copy and paste the contents of that file here, and I'll see whether I can spot anything unusual.

Regarding making CommCare HQ work without SSL, I don't think that is an option that Dimagi would spend effort on. CommCare HQ uses self-signed certificates if you don't use LetsEncrypt SSL certificates. They aren't great, but at least traffic isn't in plaintext. I understand that you are using a VPN (even for mobile workers?) but I think it would be less effort if you could find a way to install SSL certificates, if not automatically, then perhaps manually, or just continue with the self-signed certificates.

I hope that helps,


Hi Norman,

I've checked and I was able to connect to database with commcarehq user. The database exist and it has tables inside. Please find the following pics:

P.S No worries about the passwords. Its test environment and once all configuration is done, they will be renewed.

Regarding my Question 2: I got the part that CommCare is using self signed certificate. Not issue with that, the issue is that if you want to use an app to be installed in phone, it will not happen. The certificate is not recognized, obviously because its self signed. So, I wanted to avoid it and be able to install the apps on the phones. I also don't have DNS name for the instance, as I said its in test environment, so I want it to be able to work with IP Address only, if its possible.

Hi @daler

Regarding the 403 you're seeing, please make sure that your commcarehq.formplayerAuthKey in file and FORMPLAYER_INTERNAL_AUTH_KEY in file on CommCareHQ's side matches.

Hi Chris,

I confirm both are the same and the FORMPLAYER_INTERNAL_AUTH_KEY match. Any other idea what could cause it?


Hmm, is Formplayer running on the same machine as CommCareHQ? If not, maybe just double-check your firewall settings on the machine that runs CommCareHQ.

Yes, Its running on the same machine. In fact, when I have this errors I also checked the formplayer logs. There are no errors.

I feel like requests doesn't get to formplayer at all and there are some middleware system that is blocking it. Do you know what is the route and how the request to formplayer happens from the rest of commcarehq app.

As you saw maybe from previous pictures I shared, Im able to create an application, add questions, save questions. But than I have an issue with formplayer.

The only thing I can think of is nginx (it routes that request to formplayer), but I'm not convinced it's the culprit. Might be good to check in its logs for anything suspicious though.

I wonder if this is not releated to the SSL certificate (or the lack thereof). Is my understanding correct that you don't have certificates?

Yes, it has the default self signed certificate only. I don't know if you can count it towards not having a certificate or its counted?