[#12462] - Force HTTPS does not work & shows Warning
- Closed
- 19 Oct 2016
- Medium
- Build: master
- # 12462
Steps to reproduce the issue
Global Configuration > Force HTTPS
- works on all my sites having LetsEncrypt installed via cPanel of SiteGround
- ... but does not work on any of my sites at OVH (where LetsEncrypt is automatically installed by the hoster)
Expected result
Enabling "Force HTTPS" should work as LetsEncrypt is installed & as the website does work with HTTPS when I call it manually
Actual result
When enabling "Force HTTPS" (Administration of Entire Site, does not matter), I get the following :
Warning
HTTPS has not been enabled as it is not available on this server.
Still, if I manually call the website (for example https://www.asolar-communication.be), it does work.
Also, if I manually edit configuration.php in order to set the following
$force_ssl = '2';
it works as well (even if Global Configuration shows "none" I think)
System information (as much as possible)
Joomla 3.6.3
PHP 7.0.6, but same applies with PHP 5.6.21
Hosting company : OVH
Additional comments
Even after upgrading to J!3.6.3 released today (where there was a.o. a PR about "Force HTTPS & 401"), the same problem occurs...
Feel free to ask more questions if further testing is needed :-)
Votes
zero-24
- | Labels |
Added:
?
|
||
@brianteeman
I fully agree : it makes no sense ! That is why I post here and why I mention that fact :-)
Indeed, all my (40) sites are alike...
- and I can Force HTTPS on all websites hosted at SiteGround
- but I can't make it on any of the sites hosted at OVH (always that "HTTPS has not been enabled as it is not available on this server." message)
Another example : look at https://www.auseindesfemmes.be/fr/
It works fine with HTTPS.
Still, I get that "HTTPS has not been enabled as it is not available on this server." message when I want to Force HTTPS in Global Configuration.
This drives me crazy :-)
Really sounds like something that can only be fixed by OVH and not Joomla
hello i have the same behavior ... here not ovh ...
http://mipih.fr/
certificate is ok https://www.sslshopper.com/ssl-checker.html#hostname=https://www.mipih.fr
joomla reply Warning HTTPS has not been enabled as it is not available on this server.
but without error difficult to find a good way to solve this
[ is there ever anything to hope from OVH :-D ]
Seriously : if you test the SSL
https://www.ssllabs.com/ssltest/analyze.html?d=www.auseindesfemmes.be&latest, I don't see what would be wrong.
But still, before changing $force_ssl = '2'; Joomla makes some test... which fails.
Which test, I don't know :-)
But it says it fails... while -as you see- the page https://www.auseindesfemmes.be/fr/ does work fine with SSL in your browser...
I am not a developer, but I see two possibilities
- a problem on the hosting side (but the ssllabs shows nothing wrong with the certificate)
- somehow, a problem with the SSL check made by Joomla
PS : reading some other thread, I even changed line 156 of application.php in order to show the Response Code, ie :
$app->enqueueMessage(JText::_('COM_CONFIG_ERROR_SSL_NOT_AVAILABLE') . ' - Response code was: ' . $response->code);
... but doing so show no Response code
I can see that you have a redirect on that site for http --> www
Can you test without that redirect
On 18 October 2016 at 21:20, Marc Dechèvre notifications@github.com wrote:
[ is there ever anything to hope from OVH :-D ]
Seriously : if you test the SSL
https://www.ssllabs.com/ssltest/analyze.html?d=www.
auseindesfemmes.be&latest, I don't see what would be wrong.But still, before changing $force_ssl = '2'; Joomla makes some test...
which fails.
Which test, I don't know :-)
But it says it fails... while -as you see- the page
https://www.auseindesfemmes.be/fr/ does work fine with SSL in your
browser...I am not a developer, but I see two possibilities
- a problem on the hosting side (but the ssllabs shows nothing wrong with the certificate)
- somehow, a problem with the SSL check made by Joomla
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#12462 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/ABPH8ds_Sjq1NQbxZVjY27GuvvGDhQj6ks5q1SoFgaJpZM4KaOSC
.
Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
https://brian.teeman.net/ http://brian.teeman.net/
Because that redirect is definitely not correct as it is also redirecting
https://useindesfemmes.be/fr/ to http:www.
On 18 October 2016 at 21:23, Brian Teeman brian@teeman.net wrote:
I can see that you have a redirect on that site for http --> www
Can you test without that redirectOn 18 October 2016 at 21:20, Marc Dechèvre notifications@github.com
wrote:[ is there ever anything to hope from OVH :-D ]
Seriously : if you test the SSL
https://www.ssllabs.com/ssltest/analyze.html?d=www.auseindes
femmes.be&latest, I don't see what would be wrong.But still, before changing $force_ssl = '2'; Joomla makes some test...
which fails.
Which test, I don't know :-)
But it says it fails... while -as you see- the page
https://www.auseindesfemmes.be/fr/ does work fine with SSL in your
browser...I am not a developer, but I see two possibilities
- a problem on the hosting side (but the ssllabs shows nothing wrong with the certificate)
- somehow, a problem with the SSL check made by Joomla
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#12462 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/ABPH8ds_Sjq1NQbxZVjY27GuvvGDhQj6ks5q1SoFgaJpZM4KaOSC
.Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
https://brian.teeman.net/ http://brian.teeman.net/
Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
https://brian.teeman.net/ http://brian.teeman.net/
for additional info, this is what joomla does to check if you site can be HTTPS enabled:
https://github.com/joomla/joomla-cms/blob/staging/administrator/components/com_config/model/application.php#L121
if you notice // Make an HTTPS request to check if the site is available in HTTPS. this means your server will make an HTTPS request using curl to check if HTTPS is available in your server. if that request doesn't work you will get that message.
This was implemented in #9584 (in 3.6.0 IIRC)
Well, I have oversimplified the problem : not only I have disabled the redirect nonWWW to WWW, but I have also replaced "my" htaccess by Joomla's native .htaccess, just to make sure that nothing else there would have a side-effect.
See for yourself : the website works with 4 possibilities
- http://
- https://
- http://www
- https://www
But still, when I want to Force HTTPS, I get that famous warning msg and Joomla leaves configuration.php as it is, ie
$force_ssl = '0';
@andrepereiradasilva
Txs for the exact reference to the curl used to check.
You make me think of something : how could we test whether "curl" from/to that website would be blocked (for some obscure & non-legitimate reason !) by OVH ?
Probably this would be the explanation (curl being somehow blocked)...
you should check in your server if you have curl enabled, and if so, do some curl tests to check what you get in a HTTPS curl request from your server to your server host, ie, mimic the joomla behaviour.
Sorry that didnt help but it was wrong anyway ;)
@andrepereiradasilva knows more about this stuff than me ;) I know nothing
On 18 October 2016 at 21:38, Marc Dechèvre notifications@github.com wrote:
Well, I have oversimplified the problem : not only I have disabled the
redirect nonWWW to WWW, but I have also replaced "my" htaccess by Joomla's
native .htaccess, just to make sure that nothing else there would have a
side-effect.See for yourself : the website works with 4 possibilities
- http://
- https://
- http://www
- https://www
But still, when I want to Force HTTPS, I get that famous warning msg and
Joomla leaves configuration.php as it is, ie
$force_ssl = '0';—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#12462 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/ABPH8SV6Ea6XzH-yndlVAeQzPBUEobkUks5q1S5YgaJpZM4KaOSC
.
Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
https://brian.teeman.net/ http://brian.teeman.net/
@woluweb you can let it throw the default JHttp exception.
ie, replace this line
https://github.com/joomla/joomla-cms/blob/staging/administrator/components/com_config/model/application.php#L156
For
$app->enqueueMessage($e->getMessage(), 'warning');Try to change to HTTPS, save, and now you should have a more useful error description
Hi @andrepereiradasilva
Txs for your suggestion. Indeed it does now show a proper error msg :-) Here it is
error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
Does this help ? :-)
Btw, in case it would be useful, here is the cURL configuration as shown within Joomla on the tab PHP Informations
cURL support enabled
cURL Information 7.38.0
Age 3
Features
AsynchDNS Yes
CharConv No
Debug No
GSS-Negotiate No
IDN Yes
IPv6 Yes
krb4 No
Largefile Yes
libz Yes
NTLM Yes
NTLMWB Yes
SPNEGO Yes
SSL Yes
SSPI No
TLS-SRP Yes
HTTP2 No
GSSAPI Yes
Protocols dict, file, ftp, ftps, gopher, http, https, imap, imaps, ldap, ldaps, pop3, pop3s, rtmp, rtsp, scp, sftp, smtp, smtps, telnet, tftp
Host i586-pc-linux-gnu
SSL Version OpenSSL/1.0.1t
ZLib Version 1.2.8
libSSH Version libssh2/1.4.3
@woluweb clearly, as comments above, this is your server config issue, not a joomla core cms issue.
So please use the forum (https://forum.joomla.org/) for more support.
@brianteeman please close this issue as this is not a bug/issue with joomla.
OK, I will contact the Hosting Cy, but in order to make this efficient : is this an SSL issue or a cURL issue ?
(the error msg does not speak to me :-) )
Besides this, the Hosting Cy being OVH (ie #1 in Europe and #3 in the world I think), wouldn't it make sense that Joomla foresees (if possible) a second method for checking SSL ?
- the present cURL check
- and maybe some other technique ... so that if one test fails for technical reasons while SSL does in fact work, the other test could compensate and avoid users very tricky/technical problems
Closed as requested
| Status | New | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2016-10-19 12:41:02 |
| Closed_By | ⇒ | brianteeman |
OK, I will contact the Hosting Cy, but in order to make this efficient : is this an SSL issue or a cURL issue ?
Seems that curl is reporting an error to me. But google it and i'm sure you'll find the answer
In my experience, the warning message comes up when Joomla is running behind a reverse proxy setup and foolishly tries to connect to the unsecured backend via HTTPS.
Encrypted connections are handled by the reverse proxy server, but Joomla doesn't seem to understand it even when the right HTTP header is forward from the reverse proxy frontend.
AS a matter of fact, Joomla has never supported SSL in this type of setup correctly and some tinkering with one of the core files is required.
I know the issue is closed but I see the same issue on Siteground where the site is reached via an A record. If anyone found a solution posting it here would be useful.
Same error here when attempting to force HTTPS. The NGINX HTTPS server, is configured in the standard way, to call PHP-FPM thru a TCP socket to run Joomla.
Thx @andrepereiradasilva and other Super Joomlers for pointing out this issue.
Here is a more recent link to the Joomla codebase. In this case it's 4.2-dev
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/12462.
This part makes no sense
If the ssl is installed correctly there should be ZERO difference between you setting it up yourself an your hosts automatic install