[SOLVED] SSL won't work - unsecured page content

12 years 10 months ago - 12 years 10 months ago #162605 by ZombieNRG
Hi,
we're trying to launch our site tomorrow, so fast help on this one is HUGELY appreciated.

We have SSL running properly with a Godaddy cert.
We're on Apache 2.X
configure to run port 443 as a virtual host serving content from Joomla (in regular directory) Test SSL page runs fine.

We will be running Authorize.net as soon as I can show them a secured page on the site.
The Problem

CBsubs however is serving up unsecured content.
i.e whe I view source code on the credit card page.
ALL community builder and CBsubs CSS pages and Javascripts are loading into the page head with absolute paths.
And those paths are http://

So our cert turns itself off and gives an error on inspection of
this page is only partially encrypted.

CB Login pages and password retrieval do the exact same thing.
Both cb login (module) and the menu item are set to force SSL.

I've been through the manuals and all the pages on the admin side of the site and the forums. I can't find any informtion on why this is happening or how to resolve it.

Please help!

Thank you in advance,
Eric

Please Log in to join the conversation.

12 years 10 months ago #162709 by krileon
Replied by krileon on topic Re: SSL won't work - unsecured page content
Are you viewing your site in HTTPS as apposed to HTTP? You must be viewing in HTTPS for CB API to load content in HTTPS. Am not having any problems serving HTTPS in test environments with self signed. Please PM backend login credentials and will take a look.


Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.

Please Log in to join the conversation.

12 years 10 months ago - 12 years 10 months ago #162718 by ZombieNRG
Replied by ZombieNRG on topic Re: SSL won't work - unsecured page content
Hi Krileon,
Correct - I am viewing the registration page in https
menu item is set to Force SSL
CBsubs is set to use secured page.
settings/creditcards/creditcard for https(normal secure...)

When I view the page source All of the CB CSS and scripts are absolute paths and they are all http:// not https://

Here's the page in question coknown.com/registration

This seems to be an issue with a setting somewhere in Cmmunity build since the header includes are being propagated with http: instead https:

However I can't find where this is happening in the code.

Any ideas?


Thank you for the help. This is driving me nuts.
Eric

Please Log in to join the conversation.

12 years 10 months ago #163057 by krileon
Replied by krileon on topic Re: SSL won't work - unsecured page content
Were you able to resolve this issue? I apologize for the delay. Am viewing source of your site and all headers appear to be in HTTPS; including CBs. Am also not seeing a mixed content warning or anything of the sort.


Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.

Please Log in to join the conversation.

12 years 10 months ago - 12 years 10 months ago #163167 by ZombieNRG
Replied by ZombieNRG on topic Re: SSL won't work - unsecured page content
Hi Krileon,
I wouldn't say it's a good or correct solution. However,
it's sort of resolved. Also it should be noted that CoKnown is about 80% custom programming - No core hacks on CB or Joomla.



Here's what I had to do for the benefit of others.

To get rid of the "partially encrypted" page issue.
1) changed live site to https -- This resolves the header includes being http.
(can't leave it blank or it will throw 500 errors on Safari mobile - due to custom Java programming)
Also this causes all CSS and JS pages to be internally linked as https even on non-SSL pages. (minor server hit)
2) Set pages I needed encrypted to "force SSL on"(in menu manager)
3) Set every other page on the site to SSL off

The remaining problem is that hitting the registration page (or other SSL page) will cause the home page to be displayed as https from that point forward. (bad for SEO -- this may be solvable via mod_rewrite... or hardwiring the home page button as an external URL.)

Anyway - I'd still Love to know how to do this the right way. I wrote this up in case the only way to switch between SSL and non SSL requires this type f work around.

hit coknown.com/registration then home menu item (defualt) goes to coknown.com/

This still does not seem to be the way things should be working.

Thank you,
Eric

Please Log in to join the conversation.

12 years 10 months ago - 12 years 10 months ago #163411 by ZombieNRG
Replied by ZombieNRG on topic Re: SSL won't work - [Solved]
If you have a site or a need to switch between Secured and unSecured webpages on your site. Get Yireo SSL Redirection. Free Plugin.
extensions.joomla.org/extensions/site-management/url-redirection/11326?qh=YToxOntpOjA7czozOiJzc2wiO30%3D

This finally solved our issues.
Don't forget to change your live site in configuration.php to
https://yoursite.com
or you will still the "partially secured" errors

This also resolved issues with IE 8 not wanting to go back to http: (unsecure) mode.
This was a really big problem since CB Profiles were unusable in IE 8.

Hope this helps someone else.
Eric
The following user(s) said Thank You: webiedesign, Rapunzl, tecsmarts

Please Log in to join the conversation.

Moderators: beatnantkrileon
Time to create page: 0.194 seconds

Facebook Twitter LinkedIn