SSL installation possible?
Permalink
I installed a self-signed certificate on a new 5.7.5.1 C5 and setup the server to redirect all http requests to https. The site still loads but things like user login, admin UI don't work properly. Looks like maybe there's a lot of hard coded 'http' schemes in various urls, like the login form action and various ajax requests.
I recall previous versions had a configuration file site.php file somewhere you could change vars like BASE_URL and get this to work. Does this exist anymore? I see a 'site' var in ./application/config/generated_overrides/concrete.php but no scheme, and doesn't seem like I should manually edit the file.
I see a lot of unanswered posts re/ssl and maybe there's no documentation yet. I see the C5 forums uses ssl for its login page, how was that done? I looked at the force ssl add on but it says its only good up to 5.6.3.3.
I recall previous versions had a configuration file site.php file somewhere you could change vars like BASE_URL and get this to work. Does this exist anymore? I see a 'site' var in ./application/config/generated_overrides/concrete.php but no scheme, and doesn't seem like I should manually edit the file.
I see a lot of unanswered posts re/ssl and maybe there's no documentation yet. I see the C5 forums uses ssl for its login page, how was that done? I looked at the force ssl add on but it says its only good up to 5.6.3.3.
Good point re/ php not knowing about the ssl connection. I checked $_SERVER vars and php sees a regular http connection but the forwarded env vars are being set:
$_SERVER{'HTTPS'} => undefined
$_SERVER{'HTTP_X_FORWARDED_PROTO'} => 'https'
$_SERVER{'HTTP_X_FORWARDED_SSL'} => 'on'
To get $_SERVER{'HTTPS'} set I added the following to Apache's virtual host Directory block:
SetEnvIfNoCase X-Forwarded-Proto https HTTPS=on
Everything seems to work fine now, so getting a value set for HTTPS was my problem. thx mesuva
$_SERVER{'HTTPS'} => undefined
$_SERVER{'HTTP_X_FORWARDED_PROTO'} => 'https'
$_SERVER{'HTTP_X_FORWARDED_SSL'} => 'on'
To get $_SERVER{'HTTPS'} set I added the following to Apache's virtual host Directory block:
SetEnvIfNoCase X-Forwarded-Proto https HTTPS=on
Everything seems to work fine now, so getting a value set for HTTPS was my problem. thx mesuva
Hi there,
I think I'm experiencing the same issue.
I'm not well versed in php so was hoping that you might be able to direct me to where I would add your suggestion.
Where do I find access to Apache's virtual host Directory block?
Thanks you heaps and heaps!
I think I'm experiencing the same issue.
I'm not well versed in php so was hoping that you might be able to direct me to where I would add your suggestion.
Where do I find access to Apache's virtual host Directory block?
Thanks you heaps and heaps!
The virtual host block is part of the apache server configuration so you'd need to edit the appropriate file in the file system. Depending on your environment (likely different) you'd need to determine which file to edit. The SetEnvIfNoCase statement tells apache to set an environment variable which php/C5 uses during installation.
If you're on a shared (unix) system and can edit the ~/.htaccess file it might be possible to put it there. HTH
If you're on a shared (unix) system and can edit the ~/.htaccess file it might be possible to put it there. HTH
It could be that:
- your server isn't configured correctly in terms of allowing PHP to detect if it's running under HTTPS (I don't know a huge amount about this, but I've seen some servers not actually report that they're running under https when they are, and you have to do stuff like port checking)
- or you need to clear your cache
To answer your question regarding BASE_URL, there is now a dashboard page for manually specifying site URLs: 'URLs and Redirection' , found at /index.php/dashboard/system/seo/urls
In there you can manually put in the urls. When you edit this, just be careful as I've read of some people getting this wrong and not being able to access their site. The values are written to a config file within /application/config, so you can undo it pretty easily though.