[SOLVED] Problems with SSL

[dgornik]

Hi!

I am relatively new to SSL. I have a dedicated SSL certificate from GeoTrust and my host is 1and1.

I installed PrestaShop 1.4 and everything worked well up to the moment when I switched on SSL in PrestaShop. Now I can see all pages that do not require https, but can not see anything with https! So I can not even log in and maintain the store (and switch SSL off - I posted this in another question here).

Whenever I try to display an page that should run via https I get the message that:

the server is redirecting the request for this address in a way that will never complete

My .htaccess file was automatically updated by PrestaShop when I switched to SSL and looks like this now:

# GENERATOR IN BACK OFFICE
# http://www.prestashop.com - http://www.prestashop.com/forums

AddType x-mapp-php5 .php



# URL rewriting module activation
RewriteEngine on

# URL rewriting rules
RewriteRule ^api/?(.*)$ /webservice/dispatcher.php?url=$1 [QSA,L]


# Catch 404 errors
ErrorDocument 404 /404.php

The php5 mapping is needed by 1and1.

However even when I remove the Rewrite - pages that worked before I switched it to SSL do not work any more with the same error... I can not find any other file that was changed by the SSL switch (according to change date of the file).

Btw. with https:// I can access all regular web pages... like category.php... just things like my-account.php do not work.

Any help is welcome...

Thank you!

[dgornik]

I continued to explore and completely reinstall my shop so I could get into admin tools again.

Here is the summary...

Not sure what changed my .htaccess, but setting the SSL in Prestashop did not.

When SSL is not enabled in Prestashop I can access every page via http:// or https://. When I access the page via https:// I see the correct security certificate from the server. The Geotrust security certificate does not need any file redirect.

When SSL is enabled I can not access the web pages my-account.php and order.php. The error message I am getting is:

The page isn't redirecting properly

      Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
      This problem can sometimes be caused by disabling or refusing to accept cookies.

Cookies are enabled and I checked that I actually have cookies from my web page created.

Since not familiar with the redirecting that happens in SSL case... can someone help here and let me know what I should look after? What redirects happen in Prestashop when SSL is enabled?

Did someone actually successfully configured SSL with Presta 1.4? I saw comments in the group about solutions for 1.3 that do not work any more in 1.4.

Thank you!

[fraolsmae]

I have the same problem. I have to reinstall prestashop 1.4 to be able to see my login admin page. So i hope sombady can explain this.

[jonspa]

Hello Guys, I also have the same issue, ssl installed by my host, and tehy say it is fine and set up correctly.

As soon as i switch on ssl in admin, i get the same "Too many redirects occurred trying to open “http://www.theplumbersbucket.co.uk/modules/paypal/payment/submit.php”. This might occur if you open a page that is redirected to open another page which then is redirected to open the original page." error message on every page i would consider secure pages!

when i switch it off i can access all pages that i couldnt before, right up to the final link to paypal site and then i get the same message kicking in even without the ssl switched on in admin.

please help if you have the information as this is messing with my mind!

Regards

Jon

[dgornik]

Good that I see I am not alone... on the paypal issue: this is where it started for me because talking to paypal they told me they require SSL communication for their solution. Else, sadly still no solution.

Whoever worked on this development for 1.4 - can you please let us know how the SSL should work? There should not be circular redirects...

[jonspa]

So basically....no ssl you cannot continue on to paypal...with ssl on...you cannot continue on to login at all! Somebody please help.

[DarinS]

I too am having this same issue with 1and1 running v1.4. I'm on the hunt for a solution.

[DarinS]

One thing that i noticed is that if you have ssl enabled, you can go to https://www.website.com and it loads fine, but if you try to go to any other page such as trying to login to an account, thats when you get the FF error. Google Chrome says too many redirects. I think the issue is that it may be asking twice for the ssl connection or something.

[dgornik]

True, you can go to any page with https if you have the page with the certificate... but all of the links are still just http... with exception of login, etc... so - whoever is browsing the page will be automatically back to http.

[jonspa]

in the hope that someone understands the htaccess file I have quoted the content of my htaccess file created by PS after setting ssl to on. is there anything missing from this?

# .htaccess automaticaly generated by PrestaShop e-commerce open-source solution
# WARNING: PLEASE DO NOT MODIFY THIS FILE MANUALLY. IF NECESSARY, ADD YOUR SPECIFIC CONFIGURATION WITH THE HTACCESS GENERATOR IN BACK OFFICE
# http://www.prestashop.com - http://www.prestashop.com/forums



# URL rewriting module activation
RewriteEngine on

# URL rewriting rules
RewriteRule ^api/?(.*)$ /webservice/dispatcher.php?url=$1 [QSA,L]
RewriteRule ^([a-z0-9]+)\-([a-z0-9]+)(\-[_a-zA-Z0-9-]*)/[_a-zA-Z0-9-]*\.jpg$ /img/p/$1-$2$3.jpg [L]
RewriteRule ^([0-9]+)\-([0-9]+)/[_a-zA-Z0-9-]*\.jpg$ /img/p/$1-$2.jpg [L]
RewriteRule ^([0-9]+)(\-[_a-zA-Z0-9-]*)/[_a-zA-Z0-9-]*\.jpg$ /img/c/$1$2.jpg [L]
RewriteRule ^([0-9]+)\-[a-zA-Z0-9-]*\.html /product.php?id_product=$1 [QSA,L]
RewriteRule ^([0-9]+)\-[a-zA-Z0-9-]* /category.php?id_category=$1 [QSA,L]
RewriteRule ^[a-zA-Z0-9-]*/([0-9]+)\-[a-zA-Z0-9-]*\.html /product.php?id_product=$1 [QSA,L]
RewriteRule ^([0-9]+)__([a-zA-Z0-9-]*) /supplier.php?id_supplier=$1 [QSA,L]
RewriteRule ^([0-9]+)_([a-zA-Z0-9-]*) /manufacturer.php?id_manufacturer=$1 [QSA,L]
RewriteRule ^content/([0-9]+)\-([a-zA-Z0-9-]*) /cms.php?id_cms=$1 [QSA,L]
RewriteRule ^content/category/([0-9]+)\-([a-zA-Z0-9-]*) /cms.php?id_cms_category=$1 [QSA,L]
RewriteRule ^page-not-found$ /404.php [QSA,L]
RewriteRule ^address$ /address.php [QSA,L]
RewriteRule ^addresses$ /addresses.php [QSA,L]
RewriteRule ^authentication$ /authentication.php [QSA,L]
RewriteRule ^best-sales$ /best-sales.php [QSA,L]
RewriteRule ^cart$ /cart.php [QSA,L]
RewriteRule ^contact-us$ /contact-form.php [QSA,L]
RewriteRule ^discount$ /discount.php [QSA,L]
RewriteRule ^guest-tracking$ /guest-tracking.php [QSA,L]
RewriteRule ^order-history$ /history.php [QSA,L]
RewriteRule ^identity$ /identity.php [QSA,L]
RewriteRule ^home$ /index.php [QSA,L]
RewriteRule ^manufacturers$ /manufacturer.php [QSA,L]
RewriteRule ^my-account$ /my-account.php [QSA,L]
RewriteRule ^new-products$ /new-products.php [QSA,L]
RewriteRule ^order$ /order.php [QSA,L]
RewriteRule ^order-follow$ /order-follow.php [QSA,L]
RewriteRule ^quick-order$ /order-opc.php [QSA,L]
RewriteRule ^order-slip$ /order-slip.php [QSA,L]
RewriteRule ^password-recovery$ /password.php [QSA,L]
RewriteRule ^prices-drop$ /prices-drop.php [QSA,L]
RewriteRule ^search$ /search.php [QSA,L]
RewriteRule ^sitemap$ /sitemap.php [QSA,L]
RewriteRule ^stores$ /stores.php [QSA,L]
RewriteRule ^supplier$ /supplier.php [QSA,L]


# Catch 404 errors
ErrorDocument 404 /404.php


ExpiresActive On
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType text/css "access plus 1 week"
ExpiresByType text/javascript "access plus 1 week"
ExpiresByType application/javascript "access plus 1 week"
ExpiresByType application/x-javascript "access plus 1 week"
ExpiresByType image/x-icon "access plus 1 year"


FileETag INode MTime Size

AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript

[DarinS]

never mind

[ADICorp]

Same here. Still no response from PrestaShop Technical Support.

[dgornik]

O.K. searched for bugs and found the following solution (and tested it in my shop):

Reported by bellini13:
I noticed the problem for me was in the FrontController.php. The code checks if the variable $_SERVER['HTTPS']) == 'on'.However for me the value is '1' and not 'on'. After changing the code to check for '1', then the redirect issue went away.

So... edit the FrontController.php file and replace the 'on' in several occasions with '1' and SSL should work.

[jabrekk]

This problem is known and it will be fixed in 1.4.1.0

Look here, there are some more files that need to be altered:

in: admin-dev\\tabs --> AdminHome.php
in: admin-dev\\ --> login.php
in: modules\\authorizeaim --> authorizeaim.php
in: modules\\treepodia --> treepodia.php

This is from the bugtracker: http://forge.prestashop.com/browse/PSCFI-1008
See the comments on that page.

After making those changes it worked perfectly.

[dgornik]

Thank you! I did not go through all comments before...

[babyewok]

Hi, I also have this exact same problem with version 1.4.3. I recently did another site with version 1.4.2.5 and there was no such issue with the SSL! For some reason this problem has reappeared in 1.4.3, but the solution here won't work as I cannot find $_SERVER[‘HTTPS’]) == 'on' anywhere!

Please help!

[aivars]

I fallowed dgornik and jabrekk this topic #13 and #14 and problem with new installed SSL was resolved completely. Be shore to do #13 and #14, not just some of suggestions, because otherwise you won’t be able to access you back office.

Note: I am completely amateur in prestashop developments.

Thanks to dgornik and jabrekk for help!!!!

[yabonga]

Hi, I also have this exact same problem with version 1.4.3. I recently did another site with version 1.4.2.5 and there was no such issue with the SSL! For some reason this problem has reappeared in 1.4.3, but the solution here won't work as I cannot find $_SERVER[‘HTTPS’]) == 'on' anywhere!

Please help!

 

Same here. I only have several $_SERVER['HTTPS']) != 'off' in my FrontController.php. SSL is turned on and in BO it´s working, but not in FO. In FO, every site has the https prefix. Please help us.

 

I´m using version 1.4.4.1

[aivars]

Just for reference regarding 1and1 and Geo trust SSL for prestashop. I had to change values back to ''on'' from ''1'' after 1and1 made server updates.

 

Prestashop 1.4.0.17

[cankart]

Hi is this problem fixed in 1.4.6.2 ?

[ScubaLessonsInc]

I believe after you have installed SSL you need to do two things..

1. in the back office under Preferences tab click the enable SSL link, then YES to enable SSL. Be sure to SAVE by scrolling all the way to the bottom and clickthe save button.

 

2. Go to the TOOLS tab then click the sub tab GENERATORS this click regenerate my htaccess file

 

That should fix it.

Good luck!

[Neapix]

I believe after you have installed SSL you need to do two things..

1. in the back office under Preferences tab click the enable SSL link, then YES to enable SSL. Be sure to SAVE by scrolling all the way to the bottom and clickthe save button.

 

2. Go to the TOOLS tab then click the sub tab GENERATORS this click regenerate my htaccess file

 

That should fix it.

Good luck!

 

it's not...

 

was it fixed in new version?

[Inarus]

it's not...

 

was it fixed in new version?

It`s not solved.

I get errors after migration from 1.4.7.0 to 1.4.7.3 :/

 

-----

Problem solved - google webfonts was importing by http instead of https.

Edited April 8, 2012 by Inarus (see edit history)

[heatmiseruk]

It`s not solved.

I get errors after migration from 1.4.7.0 to 1.4.7.3 :/

 

-----

Problem solved - google webfonts was importing by http instead of https.

 

 

Having same problem with google web fonts using Bio Medical theme. How did you fix ?

[[email protected]]

Hi there,

 

thought I would post my resolution incase anyone is as stupid as me. My hosting is with Heart Internet UK. After purchase and setup of SSL it seemingly did not work however this was due to the domain name. I did not enter any values into BO -> Preferences -> SEO & URLs for HTTPs Domain. So I scroll down to the bottom, in the form option "Shop domain name for SSL" I had to insert www.mydomain.com (obviously your domain) but the important part was www. as my shop is setup with no prefix. I then clicked preferences ran https check and was able to enable SSL. All working well now.

 

The guys at Heart are brilliant by the way they narrowed it down to a problem with htaccess however this little function must supercede that. I am running PS 1.4.4.1. All the best

[avantasia_fans]

any solution for this problem? i've prestashop 1.4.10, with ssl and cdn media.

In https pages my images are missing

 

regards

[rabiaah]

Hi Guys,

 

I've old version of PrestaShop 1.4.7.0

Facing the same issue with the SSL, the SSL is working fine for the Admin and the Order screens.

The issue persist for the Sales and Home page screens only.

 

Any idea how to resolve this specific issue?

 

Thanks in advance,