Author Topic: Error when trying to enable Force Secure URLs (SSL) (Read 5614 times)

stirrell · January 05, 2009, 10:10:45 am

Hello there,

I am getting an error when trying to turn on the option:

Force Secure URLs (SSL)

The error I get is:

Quote

Please correct the following errors in the form fields below:

* You need to set up a secure server before you can enable SSL

However, I have a certificate in place and it seems to be working fine with https addresses. I did some searching on this forum and found a response to a user from Lobo:

Quote

is the secure server on the same domain as your normal server? i.e. http://www.example.com/ and https://www.example.com/

if so, you might want to add some debugging code here: CRM/Utils/System.php, function checkURL (line 635)

You can also check your SSL logs and see why our test request is not returning a valid 200 page

I was hoping someone could expand on what I can enter in for debugging code. I echoed out some variables and got the following results:

$url - I got the url of my site as I would expect. It matched the url in my certificate.
$params - I got an array back with one value in it: Array( [method] => HEAD )
I get no results trying to echo out $request and $result.

I did not see anything in the access or error logs. Hits to the /civicrm/admin/setting/url page just show up as a code 200.

If someone has any ideas on what might be the problem, it would be greatly appreciated.

Thanks,
Scott

Donald Lobo · January 05, 2009, 01:29:59 pm

Can you add the foll line:

CRM_Core_Error::debug( 'before', $request );

before and after this line.

$request->sendRequest( );

thanx

lobo

stirrell · January 05, 2009, 01:38:01 pm

Donald Lobo · January 05, 2009, 01:48:30 pm

can you get on IRC. easier to debug that way

http://embed.mibbit.com/?server=irc.freenode.net&channel=%23civicrm&forcePrompt=true

lobo

stirrell · January 08, 2009, 10:12:06 am

Hello all,

I just wanted to follow up on this for others who may run into this issue. With lobo's help, we figured that it must be an issue with the ISP blocking local traffic to the secure address. The script ran fine from remote machines but not on the server itself. Someone on our team is following up with the ISP and I will follow up here when I hear back.

Scott

stirrell · January 28, 2009, 07:01:32 am

I just wanted to follow up on this issue. It appears that the problem is on the hosting company's side. They said:

Quote

The second error (HTTPS connection failure) is due to our PHP configuration. It looks like SSL socket support is disabled. We'll have to rebuild PHP to work on that but I don't expect it will be an issue. I will try to fit that in during our maintenance window tonight.

It still isn't working so I am hoping that they didn't have time to address the issue last night. Thanks again for all of the help!

-Scott

FatherShawn · February 19, 2009, 03:16:13 am

I've been having the same error. Took some time to work through the suggestions in this thread. Here's a snippet from the debug output:

Code: [Select]

 [_response] => HTTP_Response Object
        (
            [_sock] => Net_Socket Object
                (
                    [fp] => 
                    [blocking] => 1
                    [persistent] => 
                    [addr] => ssl://www.trinityhamburg.org
                    [port] => 443
                    [timeout] => 
                    [lineLength] => 2048
                    [_debug] => 
                    [_default_error_mode] => 
                    [_default_error_options] => 
                    [_default_error_handler] => 
                    [_error_class] => PEAR_Error
                    [_expected_errors] => Array
                        (
                        )

                )

            [_protocol] => HTTP/1.0
            [_code] => 500
            [_headers] => Array
                (
                    [date] => Thu, 19 Feb 2009 11:04:02 GMT
                    [server] => Apache
                    [x-powered-by] => PHP/5.2.4-2ubuntu5.3
                    [p3p] => CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
                    [connection] => close
                    [content-type] => text/html

The response code 500 led me to the apache error log:

Code: [Select]

PHP Fatal error:  require_once() [<a href='function.require'>function.require</a>]: Failed opening required '' (include_path='.:/usr/share/php:/usr/share/pear') in /public/www/htdocs/administrator/components/com_cpanel/admin.cpanel.php on line 17

Line 17 reads:

Code: [Select]

require_once( JApplicationHelper::getPath( 'admin_html' ) );
I don't know why com_cpanel would load when executing this page, but clicking save to the URL page in civi was the only request to the Joomla backend at this time...

The error message suggests a open_basedir conflict. Joomla security guidelines suggest the use of this restriction. Commented out the appropriate line in php.ini, but the page still gives an error - no error in apache errors log.

I would be grateful for suggestions!!!

Eileen · February 21, 2009, 11:45:10 am

You can test ssl / https outside of joomla /civiCRM to see whether the problem is anything to do with them.

Create a php file in your webroot with the following code: (insert your site's https url )

   <php
      $churl = "INSERT YOUR URL";

$ch = curl_init();
      curl_setopt($ch, CURLOPT_VERBOSE, 1);
      curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
     curl_setopt($ch, CURLOPT_URL, $churl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

// $output contains the output string
$output = curl_exec($ch);
     echo "<h1>curl</h1> error number ".curl_errno($ch);
     echo "<p> ";

// close curl resource to free up system resources

curl_close($ch);
      ?>

FatherShawn · February 23, 2009, 05:31:09 pm

Eileen-

Thanks for the debug code. I'm guessing there's a syntax error in the code, although I don't know enough php to find it. I acts like there are an odd number of " in the code. The output was:

curl

error number ".curl_errno($ch); echo "
"; // close curl resource to free up system resources curl_close($ch); ?>

FatherShawn · March 03, 2009, 03:01:41 am

OK, found the error.. missing ? in first <?php tag. Now my output to:

Code: [Select]

<?php
      $churl = "https://www.trinityhamburg.org";

      $ch = curl_init();
      curl_setopt($ch, CURLOPT_VERBOSE, 1);
      curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
      curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
      curl_setopt($ch, CURLOPT_URL, $churl);
       curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

       // $output contains the output string
       $output = curl_exec($ch);
       echo "<h1>curl</h1>"," error number ", curl_errno($ch);
       echo "<p> ";

       // close curl resource to free up system resources
       curl_close($ch);
?>

is

Quote

curl

error number 0

So there is no error accessing my site on https via curl...

stirrell · March 03, 2009, 05:01:55 am

Our issue has been fixed as well. Apparently the issue was, indeed, a problem with the server and our hosting provider fixed it. Thanks again for all the help I've gotten here!!

Scott

FatherShawn · March 03, 2009, 06:10:12 am

Quote from: stirrell on March 03, 2009, 05:01:55 am

Our issue has been fixed as well.

Glad to hear yours is resolved!!

I'm still trying to track mine down - doesn't work

even though the server is secure.

I worked with kurund on irc for a while this morning. My best conjecture from the php fatal error is that the script is not finding the pear libraries but I don't know how to check that.

FatherShawn · March 03, 2009, 03:23:35 pm

To repeat from above, the server is throwing a php fatal error when the settings on this page are saved:

Quote

PHP Fatal error: require_once() [<a href='function.require'>function.require</a>]: Failed opening required '' (include_path='.:/usr/share/php:/usr/share/pear') in JOOMLA_Root/administrator/components/com_cpanel/admin.cpanel.php on line 17

The lines of that section are:

Code: [Select]

// no direct access
defined( '_JEXEC' ) or die( 'Restricted access' );
require_once( JApplicationHelper::getPath( 'admin_html' ) );

So why would civiCRM cause this core Joomla code to fail?

Donald Lobo · March 03, 2009, 03:39:38 pm

sorry, we have no idea what is happening in your install and why

at this point, i would recommend hiring someone from the professional services list (http://civicrm.org/professional) to help diagnose and hopefully fix the issue

please do let us know the end result

lobo

FatherShawn · March 04, 2009, 02:34:22 am

Lobo-

Thanks for the honest, but disheartening answer. I don't have a budget to hire help and its our server, so I'll have to debug it myself.

- Shawn

CiviCRM Community Forums (archive)

News:

Author Topic: Error when trying to enable Force Secure URLs (SSL) (Read 5614 times)

stirrell

Error when trying to enable Force Secure URLs (SSL)

Donald Lobo

Re: Error when trying to enable Force Secure URLs (SSL)

stirrell

Re: Error when trying to enable Force Secure URLs (SSL)

Donald Lobo

Re: Error when trying to enable Force Secure URLs (SSL)

stirrell

Re: Error when trying to enable Force Secure URLs (SSL)

stirrell

Re: Error when trying to enable Force Secure URLs (SSL)

FatherShawn

Re: Error when trying to enable Force Secure URLs (SSL)

Eileen

Re: Error when trying to enable Force Secure URLs (SSL)

FatherShawn

Re: Error when trying to enable Force Secure URLs (SSL)

FatherShawn

Re: Error when trying to enable Force Secure URLs (SSL)

stirrell

Re: Error when trying to enable Force Secure URLs (SSL)

FatherShawn

Re: Error when trying to enable Force Secure URLs (SSL)

FatherShawn

Re: Error when trying to enable Force Secure URLs (SSL)

Donald Lobo

Re: Error when trying to enable Force Secure URLs (SSL)

FatherShawn

Re: Error when trying to enable Force Secure URLs (SSL)