Hi all i need a little help, Everything works fine in http mode. But when I turn on SSL. The Region/State dropdown is empty, I am unable to select a state while creating account. This also affect shipping and address fields.
im using the latest version of OC
You should focus on fixing your SSL. The fact that you only have partial encryption needs to be addressed. Many topics around in solving this. Just run a search. I'ts not going to be an OC issue but rather your Certificate.
Hi i thought that too, i was on the phone for over 1 hour yesterday to the hosting company, they assured me the SSL was setup correctly,im not sure where to go from here, is there anything i can do from the backend to sort out the secure images?, maybe if i get that fixed the rest will work.
ok i had another email from the hosting company, they said this
"This is an issue with your shopping cart css or theme - if you are loading images using an absolute URL with http://, when viewing over https:// this will generate the error that not all items on the page are secure. You should ideally load images, css, js via a relative reference so that when accessing over http:// they load over http, and when loading over https they load over https."
You can see this clearly if you visit https://www.rage-systems.co.uk/testpage.html - there are no errors because no external items are loaded over http."
"This is an issue with your shopping cart css or theme - if you are loading images using an absolute URL with http://, when viewing over https:// this will generate the error that not all items on the page are secure. You should ideally load images, css, js via a relative reference so that when accessing over http:// they load over http, and when loading over https they load over https."
You can see this clearly if you visit https://www.rage-systems.co.uk/testpage.html - there are no errors because no external items are loaded over http."
Hi daza3204 - regardless of the problem with region/country dropdown, there is an unusual problem with the secured pages.
When you switch on SSL, that should automatically secure login/checkout etc. The base href of the page should be https: (view source code to see this) - this secures the content on the page.
However, your base href for secure pages is http:, and so none of your content is secured. I may be wrong, but do not think it is an issue with loading absolute paths for images. Opencart doesn't function that way.
Your SSL cert is installed correctly, so that isn't the problem. I can see you're testing the default template too, but the error still shows.
The problem looks similar to the one on this thread so it might be worth another word with your host.
When you switch on SSL, that should automatically secure login/checkout etc. The base href of the page should be https: (view source code to see this) - this secures the content on the page.
However, your base href for secure pages is http:, and so none of your content is secured. I may be wrong, but do not think it is an issue with loading absolute paths for images. Opencart doesn't function that way.
Your SSL cert is installed correctly, so that isn't the problem. I can see you're testing the default template too, but the error still shows.
The problem looks similar to the one on this thread so it might be worth another word with your host.
Last edited by Moggin on Thu Apr 14, 2011 7:49 pm, edited 1 time in total.
No I wouldn't go that far, but it's worth checking. One or two hosts have unusual server setups which play havoc with SSL - see Xsecrets posting here
http://forum.opencart.com/viewtopic.php ... t=0#p95552
http://forum.opencart.com/viewtopic.php ... t=0#p95552
Open Cart calls the https:// on certain pages as I am sure you know by now. On those pages make sure that all of your URL's are relative and not absolute. If you have added anything. For example always reference your content relatively like /images/icons/test.jpg and not http://www.yourdoman.com/images/icons/test.jpg
Also if you have added any external references those can conflict with your SSL as well and make it a partial encryption. Just throwing this your way.
Also if you have added any external references those can conflict with your SSL as well and make it a partial encryption. Just throwing this your way.
Again, the system takes care of the redirect from http to https. All of your url's that are present on pages where https is loaded need to be relative. Nowhere in your entire open cart template system should there be any mention of httpsMoggin wrote:...totally correct. I just checked back and the only thing I can see now is a minor error, the rapidssl_ssl.gif which is loading over http:
Base href is now https: on secure pages, so it's looking good..
yes its all sorted now i had to edit catalog/controller/common/header.php with this code
to
now ssl works great 
thanks to Xsecrets, he helped alot.
Code: Select all
$this->request->server['HTTPS'] Code: Select all
$this->request->server['HTTP_X_FORWARDED_PROTO'] @daza2304 oh excellent! Kudos to Xsecrets. Thank you for letting us know the fix.
@avicci, correct, https shouldn't be anywhere in the template system; I understand the point. Most minor SSL problems do indeed come from hard-coding absolute URLs, or from external scripts.
Here, I was looking at the dynamically generated source code on the site. That must show base href="https when the address bar shows the URL as https, otherwise none of the media will be secured. It's rare, but if it occurs it's more serious than a template error... I've only seen it a couple of times here.
@avicci, correct, https shouldn't be anywhere in the template system; I understand the point.
Most minor SSL problems do indeed come from hard-coding absolute URLs, or from external scripts. Here, I was looking at the dynamically generated source code on the site. That must show base href="https when the address bar shows the URL as https, otherwise none of the media will be secured. It's rare, but if it occurs it's more serious than a template error... I've only seen it a couple of times here.
That fix isn't for everyone johnegg. People should be following the default SSL configuration instructions first. If your page is customized in some fasion and you are breaking your SSL then check the page here:
http://www.whynopadlock.com/
http://www.whynopadlock.com/
Thanks avvici. I know where teh errors are coming from (using inspect element in safari) but the thing is the logo image link is coming through as http:// not https://. Its not hard coded, its dynamic but still causing issues. Any ideas? In using multi store functionality too.
This issue can occur when you enable your site to work under https and when your hosting provider uses an SSL Reversed Proxy / Load Balanced SSL Proxy. You can check to see if your host is using SSL load balancing / proxy, and if so there is now a vQmod available to fix any issues that you are experiencing:
http://www.opencart.com/index.php?route ... n_id=11280
http://www.opencart.com/index.php?route ... n_id=11280
Who is online
Users browsing this forum: No registered users and 73 guests
