Jump to content

SSL but browser showing insecure content


bzdevil

Recommended Posts

I've been trying to make Prestashop work properly with SSL but I keep getting warnings about insecure content. This is a fresh default installation of Prestashop v1.5.4.1. You can check the site here:

 

https://www.qempo.co...ashop/index.php

 

SSL is forced on the webserver (nginx, not Apache). Also, PS_SSL_ENABLED is set to 1 in the database. I haven't changed anything else in the config nor added modules, altered templates, etc. Plain vanilla install, yet it doesn't work properly with SSL. There's a bunch of images sent via HTTP instead of HTTPS. In SEO & URL, SSL domain and shop domain are the same (www.qempo.com).

 

No matter what I do, it keeps showing partial content via HTTP. Mainly product images are being shown via HTTP.

 

post-603152-0-33242100-1371595737_thumb.jpg

 

I've read plenty of documents but so far I'm unable to pinpoint the source of this problem. I thought that with a default install I wouldn't see the issue but it's there.

 

Please advice.

Edited by bzdevil (see edit history)
Link to comment
Share on other sites

  • 6 months later...
  • 6 months later...

I am having the same issue. I already have this
 

                # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
                # With php5-fpm:
                fastcgi_pass unix:/var/run/php5-fpm.neo.sock;
                fastcgi_index index.php;
                include fastcgi_params;
                fastcgi_param           HTTPS                   on;

 

but still not workng.. would you mind posting your sample config here. That would be a great help. :)

 

Link to comment
Share on other sites

Thanks for the response Vekia. I figured it out. To answer your question, we are using our own theme. Its now using the https header for all internal links.   :rolleyes:  I just need to clean up the external links that uses http. All are good now. :D

Link to comment
Share on other sites

This is our config and its working now:

 

  server {
    listen xxx.xxx.xxx.xxx:443;
    ssl on;
    ssl_certificate /etc/nginx/ssl/server_combined.crt;
    ssl_certificate_key /etc/nginx/ssl/server.key;
    server_name www.server.com;
    root /var/www/html/server;
    index index.php index.htm index.html;
    access_log /var/log/httpd/access_server_log main;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param HTTPS on;
    include fastcgi_params;

    location / {
      try_files $uri $uri/ /index.php?q=$uri&$args;
    }
 
    location ~ \.php$ {
      fastcgi_pass unix:/var/run/nginx2.sock;
    }
 
    location ~* \.(css|js|gif|jpg|jpeg|ico|png|swf)$ {
      access_log off;
      expires max;
    }
  }
Edited by bzdevil (see edit history)
Link to comment
Share on other sites

Thanks for the response Vekia. I figured it out. To answer your question, we are using our own theme. Its now using the https header for all internal links.   :rolleyes:  I just need to clean up the external links that uses http. All are good now. :D

 

so it's related to some custom contents :D as i suspected! 

Link to comment
Share on other sites

  • 4 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...