Page 1 of 1

2.3.0.2 SSL ISSUE

Posted: Sat Mar 30, 2019 6:55 pm
by yashu262
Hello,

I tried to install SSL certificate on my website.

1. Installed SSL certificate
2. Changed config.php and admin/config.php file
3. enabled ssl in the settings from dash board

Still i am facing issue with my ssl. When i tried to search for errors using WHYNOPADLOCK, i see that few scripts on my site have insecure url.
A script with an insecure url of "http://www.yoursite.com/catalog/view/ja ... 1.1.min.js" was loaded on line: 16 of https://www.yoursite.com/.
This URL will need to be updated to use a secure URL for your padlock to return.
and many such more errors.

The errors all correspond to the catalog and image folders

I have tried every possible way there is on the open cart forums but no solution.

Anyone has any thought ?

Re: 2.3.0.2 SSL ISSUE

Posted: Sat Mar 30, 2019 10:17 pm
by ocmta
Did you change both HTTP_SERVER and HTTPS_SERVER to https URLs?

Re: 2.3.0.2 SSL ISSUE

Posted: Sat Mar 30, 2019 11:27 pm
by IP_CAM
Well, you could hardcode your Theme header.tpl file Links to https,
to so make sure, that they will be linked correctly. ;)
And you could also link them COOKIEFREE, by example: https:// yourhost.com/...
if your 'regular' Site is '.htaccess - configured' to be used like this:
https:// www. yourhost.com/..., to get even better GTMETRIX Results . :D

You then only need to add this into your .htaccess file,
in the upper part of that file, before:

Code: Select all

# SEO URL Settings
RewriteEngine On

Code: Select all

<FilesMatch "\.(ttf|ttc|otf|eot|woff|font.css|css)$">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
</FilesMatch>
to also make Fontawesome work with both Settings.

You then only have to make sure, NOT to have any VqMods/OcMods installed,
eventually looking for a 'default' - linked 'Script' or 'Style', in the header.tpl file,
to add it's own content, before or after such a link, or then change the content
of such an Extension, to 'match' the new linking. Just to have this mentioned too.

Good Luck!
Ernie

Code: Select all

<link href="https://yourhost.com/shop/catalog/view/theme/default/javascript/bootstrap/css/bootstrap.min.css" rel="stylesheet" media="screen" />
<link href="https://yourhost.com/shop/catalog/view/javascript/font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css" /> 
<?php foreach ($styles as $style) { ?>
<link href="https://yourhost.com/shop/<?php echo str_replace('view/javascript', 'view/javascript', $style['href']); ?>" type="text/css" rel="<?php echo $style['rel']; ?>" media="<?php echo $style['media']; ?>" />
<?php } ?>
<script src="https://yourhost.com/shop/catalog/view/javascript/jquery/jquery-2.1.1.min.js" type="text/javascript"></script>
<?php foreach ($scripts as $script) { ?>
<script src="https://yourhost.com/shop/<?php echo str_replace('view/javascript', 'view/javascript', $script); ?>" type="text/javascript"></script>
<?php } ?>

Re: 2.3.0.2 SSL ISSUE

Posted: Sun Mar 31, 2019 3:03 pm
by yashu262
Ok, so apparently after posting a query here i found a solution on my own.

OPEN CART 2.3.0.2 SSL ISSUE SOLUTION IS AS FOLLOWS:-

1. Change the config.php and admin/config.php
2. enable ssl in open cart dashboard
3. go to \catalog\view\theme\default\template\common\header.tlp and remove the following code on line 13.

Code: Select all

<base href="<?php echo $base; ?>" /> 
to

Code: Select all

 <base href="" />
4. go to admin\view\template\common\header.tpl and remove the following code on line 6.

Code: Select all

<base href="<?php echo $base; ?>" /> 
to

Code: Select all

 <base href="" />
MAKE SURE TO REFRESH the modifications from your dashboard. ELSE IT WILL NOT WORK

HOWEVER:-

My images are still broken.
An image with an insecure url of "http://www.yoursite.com/image/cache/cat ... 00x200.jpg" was loaded on line: 240 of https://www.yoursite.com/.
This is the issue seen on WHYNOPADLOCK

Re: 2.3.0.2 SSL ISSUE

Posted: Mon Apr 01, 2019 1:39 am
by Elevate
Steps 3 and 4 are not correct. We've worked on many v2.3.0.2 stores and never had to do this. Your whynopadlock error indicates you have a hard coded URL in the template that needs to be changed from http to https

Re: 2.3.0.2 SSL ISSUE

Posted: Tue Apr 02, 2019 1:44 pm
by ocmta
Elevate wrote:
Mon Apr 01, 2019 1:39 am
Steps 3 and 4 are not correct.
Second that. Don't know if it's hardcoded URL or something else, but base href doesn't need to be changed for it to work, that's for sure.

Re: 2.3.0.2 SSL ISSUE

Posted: Tue Apr 02, 2019 10:53 pm
by Elevate
Post the URL instead of yoursite.com and I'm sure one of us could quickly figure this out for you.