Magento - To everyone with 1&1;shared SSL problems [QUICK FIX AVAILABLE] - Installation Problems - eCommerce Software for Growth, Powered by Open Source

Skip to site navigation »
Skip to main content »
Skip to footer content »

Sales: Call 877.832.5289 (N America)|310.295.4144 (International)

Magento Forum

To everyone with 1&1;shared SSL problems [QUICK FIX AVAILABLE]

Flowstack Total Posts: 130 Joined: 2008-01-30 London, United Kingdom Ignore user	To everyone with 1&1;shared SSL troubles (may work on other hosts also). The problem occurs because $_SERVER[’HTTPS’] is not set with shared SSL. To fix this you need to make the following edits. I DO NOT GUARANTEE THIS WILL WORK. BACKUP YOUR WORK FIRST. I ACCEPT NO RESPONSIBILITY IF THINGS GO WRONG. ...But this hack worked for me Edit 1 -------------------- Open app/code/core/Mage/Core/Model/config.php. On line 254, change: `$secure = isset($_SERVER['HTTPS']) \|\| $_SERVER['SERVER_PORT']=='443';` to: `$secure = isset($_SERVER['HTTP_X_FORWARDED_SERVER']) \|\| $_SERVER['SERVER_PORT']=='443';` Edit 2 ----------------- Open app/code/core/Mage/Core/Model/Store.php: On line 336 change: `if (!empty($_SERVER['HTTPS'])) {` to `if (!empty($_SERVER['HTTP_X_FORWARDED_SERVER'])) {` Edit 3 ----------------- Open lib/Zend/OpenId.php On line 97 change: `if (isset($_SERVER['HTTP_X_FORWARDED_SERVER']) && $_SERVER['HTTPS'] == 'on') {` to `if (isset($_SERVER['HTTP_X_FORWARDED_SERVER']) && $_SERVER['HTTP_X_FORWARDED_SERVER'] == 'sslrelay.com') {` Edit 4 ----------------- Open lib/Zend/Controller/Action/Helper/Redirector.php. On line 185 change: `$proto = (empty($_SERVER['HTTPS']) \|\| $_SERVER['HTTPS']) ? 'http' : 'https';` to `$proto = (empty($_SERVER['HTTPS']) \|\| empty($_SERVER['HTTP_X_FORWARDED_HOST'])) ? 'http' : 'https';` Let me know if it works for you. Ed
	Posted: March 11 2008 \| top

Eminent Style Total Posts: 40 Joined: 2008-02-17 Bromsgrove, United Kingdom Ignore user	Magento Version : 1.0 Thanks for your effort on this but I am having trouble trying to implement this. *edit 3* and *edit 4* no longer appear to be in my code. I am using version 1 and am on 1and1 hosting using a shared ssl. Edit 3 I can’t find this line… `if (isset($_SERVER['HTTP_X_FORWARDED_SERVER']) && $_SERVER['HTTPS'] == 'on') {` but this line does appear on 97. `if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {` Edit 4 I can’t find this line… `$proto = (empty($_SERVER['HTTPS']) \|\| $_SERVER['HTTPS']) ? 'http' : 'https';` but this line appears on 192 `$proto = (empty($_SERVER['HTTPS'])) ? 'http' : 'https';` When I paste over my lines with the corrected ones I still get errors when trying to access anything requiring the SSL. The home page displays with the normal address but the admin errors out as follows. `Error 500 - Internal server error An internal server error has occured! Please try again later.` Any help would be appreciated, thanks, Ben Signature Ben Bishop Eminent Style - Hand Crafted Web Design & Development
	Posted: April 6 2008 \| top \| # 1

Flowstack Total Posts: 130 Joined: 2008-01-30 London, United Kingdom Ignore user	Hi, My fix was for a previous version (0.9). I haven’t yet tried SSL and version 1.0 on oneandone, but will be doing shortly. I’ll post updates here when I get a chance. Thanks, Ed
	Posted: April 6 2008 \| top \| # 2

Eminent Style Total Posts: 40 Joined: 2008-02-17 Bromsgrove, United Kingdom Ignore user	Ok, thanks Ed. If I work out the issue and find a solution I will post here. Signature Ben Bishop Eminent Style - Hand Crafted Web Design & Development
	Posted: April 6 2008 \| top \| # 3

tronics Total Posts: 33 Joined: 2008-01-17 Ignore user	Hello for me this fix works with 1.0 !! Almost everything works. Except for the Login for existing customer on checkout… When submitting your login credentials https://sslsite.com/shop/checkout/onepage/ instead of https://sslsite.com/domain.com/shop/checkout/onepage/ is called. That is not working of course because the domain in this shared ssl environment is always http://www.domain.com/ OR http://sslsite.com/domain.com/ This might be a bug in magento.. Apart a fix for this shared ssl should go into the core. Thanks Regards, rrrr4
	Posted: April 9 2008 \| top \| # 4

tronics Total Posts: 33 Joined: 2008-01-17 Ignore user	Ok there is another problem after the fix. The Log in Log off is not displayed correctly. Probably because of a cookie issue? -- However the Bugid for this whole shared SSL thing is this one: http://www.magentocommerce.com/bug-tracking/issue?issue=1699 Best Regards, tronics
	Posted: April 9 2008 \| top \| # 5

Flowstack Total Posts: 130 Joined: 2008-01-30 London, United Kingdom Ignore user	tronics - I also noticed the redirect problem and submitted a bug report on version 0.9. No idea if anyone is looking into it. The same thing will happen when you enable SSL in your admin and try to login. You get redirected to: http://sslsite.com/magento/admin instead of http://sslsite.com/domain.com/magento/admin A bit annoying!
	Posted: April 9 2008 \| top \| # 6

Eminent Style Total Posts: 40 Joined: 2008-02-17 Bromsgrove, United Kingdom Ignore user	tronics - 09 April 2008 07:51 AM Hello for me this fix works with 1.0 !! Almost everything works. Except for the Login for existing customer on checkout… Hmmm, I can’t work out what I am missing then. Tronics, was the code in the same place or was it different for you? An suggesttions would be appreciated. I am reluctant to spend the money 1and1 wants for a dedicated ssl just for a development server. Signature Ben Bishop Eminent Style - Hand Crafted Web Design & Development
	Posted: April 10 2008 \| top \| # 7

Elisa Zaroni Total Posts: 6 Joined: 2008-04-24 Brasil Ignore user	I believe I am suffering from similar problem. My site works only on http. My provider configures a shared URL for SSL (https://domain.websecure.com/magento), pointing to same address where I have magento installed. Strange thing is the site loads home from https address. But when I click “Account” / “Logout” it stalls on me and does not gives me any answer. I have configures secure and unsecure settings, also have tried several fixes and configurations tips with no success. Any suggestions ?
	Posted: April 25 2008 \| top \| # 8

Elisa Zaroni Total Posts: 6 Joined: 2008-04-24 Brasil Ignore user	Hi ! I have configured magento 1.0 in a shared SSL environment (not 1&1;) and tried everything I could known. Not success. The site stalls/hangs when clicking on Account or Login and SSL is configured with Yes. Strange is correct address appears on links...... Tried several different things: - Rewrite enabled / disabled - SSL for everything (disaster… had to disable it through database). - Changes in this topic, etc. Tks, Elisa Zaroni. (PS: Sorry, my internet was terrible, did not realize my previous post had worked)
	Posted: April 25 2008 \| top \| # 9

Lior Total Posts: 293 Joined: 2007-09-24 Ignore user	@Elsa, Who is your hosting? Do they have a separate location for secure pages? Signature Lior Pinelis Magento Team
	Posted: April 25 2008 \| top \| # 10

Elisa Zaroni Total Posts: 6 Joined: 2008-04-24 Brasil Ignore user	Lior, Hi ! Thanks. The hosting is a brazilian company (http://www.locaweb.com.br - sorry, in portuguese). No, they do not have today separate locations for secure site. My configuration has boths URLs (http and https) pointing to the same path. I believe its through virtual host & aliases. You can see them in: -> http://www.p2d.com.br/p2dstore -> https://p2d2.websiteseguro.com/p2dstore Both addresses point out to same physical directories. Tks ! El-i-sa (link in Elisabeth)
	Posted: April 25 2008 \| top \| # 11

Lior Total Posts: 293 Joined: 2007-09-24 Ignore user	@Elisa Is your SSL Certificate was set up for the http://www.p2d.com or p2d.com (without www) I was trying to access your site, and I see that for both with and without www I was getting that certificate is not valid Check with your hosting company your certificate configurations Signature Lior Pinelis Magento Team
	Posted: April 25 2008 \| top \| # 12

Elisa Zaroni Total Posts: 6 Joined: 2008-04-24 Brasil Ignore user	Lior, Although https is responding with invalid certificate, the configuration within Magento is: - Unsecure URL => http://www.p2d.com.br/p2dstore (all settings other than URLs were not changed) - Secure URL => https://p2d.websiteseguro.com/p2dstore https://www.p2d.com.br/ --->> PLEASE IGNORE (for now) Tks a lot !!
	Posted: April 28 2008 \| top \| # 13

Lior Total Posts: 293 Joined: 2007-09-24 Ignore user	@Elisa, Did you try to configure Magneto to use SSL via admin, but you don’t actually have SSL Certificate? What is the correct URL that there will be no certificate warnings? Signature Lior Pinelis Magento Team
	Posted: April 28 2008 \| top \| # 14

JoeNmass Total Posts: 46 Joined: 2008-03-07 Ignore user	I have 1&1;hosting and I had a very hard time trying to get my shared SSL certificate to work correctly. I don’t know if it was a coincidence but I only got it to work right only after I set “YES” to the “Use Secure URLs in Admin:” and “Use Secure URLs in Frontend” section. It did not work if I only had the “Frontend” set to “Yes”. And also I had to use “www” in the Base URL. I finally got it working with these settings in the Admin/Configuration/Web/Secure section: Base URL: https:www.mydomain.com Base Link URL: {{secure_base_url}} Base Skin URL: {{secure_base_url}}skin/ Base Media URL: {{secure_base_url}}media/ Base JavaScript URL:{{secure_base_url}}js/ Use Secure URLs in Frontend: Yes Use Secure URLs in Admin: Yes
	Posted: April 29 2008 \| top \| # 15

Magento Community

Magento Community

Back to top

Installation successful! Now how do I integrate it with Joomla?

New installation - unable to create Products

Sales: Call 877.832.5289 (North America) 310.295.4144 (International)

© Copyright 2008 Varien. Magento, eCommerce software, is a trademark of Irubin Consulting Inc. DBA Varien
Privacy Policy|Terms of Service Magento Community Count
52316 users|477 users currently online|105640 forum posts