CiviCRM Community Forums (archive)

For some reason, my site doesn't want to allow me to turn SSL on.  I definitely have an SSL cert, but it doesn't seem to recognize it.

I put in some debug code in the checkURL() function, and this is what I got:

Jan 07 09:35:28  [info] $Request = HTTP_Request Object
(
    [_url] => Net_URL Object
        (
            [options] => Array
                (
                    [encode_query_keys] =>
                )

            [url] => https://www.fcci.org/administrator/
            [protocol] => https
            [username] =>
            [password] =>
            [host] => www.fcci.org
            [port] => 443
            [path] => /administrator/
            [querystring] => Array
                (
                )

            [anchor] =>
            [useBrackets] => 1
            [user] =>
            [pass] =>
        )

    [_method] => HEAD
    [_http] => 1.1
    [_requestHeaders] => Array
        (
            [host] => www.fcci.org
            [user-agent] => PEAR HTTP_Request class ( http://pear.php.net/ )
            [connection] => close
            [accept-encoding] => gzip
            [cookie] => __utma=227706634.1886561489.1212775063.1225292763.1225294609.110; __utmz=227706634.1215800813.20.4.utmccn=(referral)|utmcsr=fcci.org|utmcct=/|utmcmd=referral; jfcookie=Array; 088ecce6c02af1b6d8ebfe1d477f045d=fb10e022f1df2816d3bbd81a092acb2a; 6a1d8331e2f1240c9c29e5dea684d2fd=b421d124b9cfed8de2501dc9f2264e55
        )

    [_user] =>
    [_pass] =>
    [_proxy_host] =>
    [_proxy_port] =>
    [_proxy_user] =>
    [_proxy_pass] =>
    [_postData] => Array
        (
        )

    [_body] =>
    [_bodyDisallowed] => Array
        (
            [0] => TRACE
        )

    [_postFiles] => Array
        (
        )

    [_timeout] =>
    [_response] => HTTP_Response Object
        (
            [_sock] => Net_Socket Object
                (
                    [fp] =>
                    [blocking] => 1
                    [persistent] =>
                    [addr] => ssl://www.fcci.org
                    [port] => 443
                    [timeout] =>
                    [lineLength] => 2048
                    [_debug] =>
                    [_default_error_mode] =>
                    [_default_error_options] =>
                    [_default_error_handler] =>
                    [_error_class] => PEAR_Error
                    [_expected_errors] => Array
                        (
                        )

                )

            [_protocol] => HTTP/1.0
            [_code] => 500
            [_headers] => Array
                (
                    [date] => Wed, 07 Jan 2009 15:35:28 GMT
                    [server] => Apache
                    [x-powered-by] => PHP/5.2.4
                    [p3p] => CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
                    [connection] => close
                    [content-type] => text/html
                )

            [_cookies] =>
            [_body] =>
            [_chunkLength] => 0
            [_listeners] => Array
                (
                )

            [_toRead] =>
        )

    [_allowRedirects] =>
    [_maxRedirects] => 3
    [_redirects] => 0
    [_useBrackets] => 1
    [_listeners] => Array
        (
        )

    [_saveBody] => 1
    [_readTimeout] =>
    [_socketOptions] =>
    [_sock] => Net_Socket Object
        (
            [fp] =>
            [blocking] => 1
            [persistent] =>
            [addr] => ssl://www.fcci.org
            [port] => 443
            [timeout] =>
            [lineLength] => 2048
            [_debug] =>
            [_default_error_mode] =>
            [_default_error_options] =>
            [_default_error_handler] =>
            [_error_class] => PEAR_Error
            [_expected_errors] => Array
                (
                )

        )

)

If I do a curl request, I don't get a 500 error, I get a 200 OK.  The only thing that seems different, maybe, is the uesr-agent, but maybe there's something that I'm missing.  I posted the CURL request as well.

* About to connect() to www.fcci.org port 443 (#0)
*   Trying 209.98.73.87... connected
* Connected to www.fcci.org (209.98.73.87) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: /usr/local/share/curl/curl-ca-bundle.crt
  CApath: none
* SSLv2, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using DHE-RSA-AES256-SHA
* Server certificate:
*        subject: /O=www.fcci.org/OU=Domain Control Validated/CN=www.fcci.org
*        start date: 2008-07-02 15:38:26 GMT
*        expire date: 2009-07-02 15:38:26 GMT
*        subjectAltName: www.fcci.org matched
*        issuer: /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287
* SSL certificate verify ok.
> HEAD /administrator/ HTTP/1.1
> User-Agent: curl/7.17.0 (i686-pc-linux-gnu) libcurl/7.17.0 OpenSSL/0.9.7a zlib/1.2.3 libidn/0.5.6
> Host: www.fcci.org
> Accept: */*
>
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
< Date: Wed, 07 Jan 2009 15:41:00 GMT
Date: Wed, 07 Jan 2009 15:41:00 GMT
< Server: Apache
Server: Apache
< X-Powered-By: PHP/5.2.4
X-Powered-By: PHP/5.2.4
< Set-Cookie: 6a1d8331e2f1240c9c29e5ced684d2fd=1e9dbbd6b7c35e0f134f75400c74a621; path=/
Set-Cookie: 6a1d8331e2f1240c9c29e5ced684d2fd=1e9dbbd6b7c35e0f134f75400c74a621; path=/
< P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
< Expires: Mon, 1 Jan 2001 00:00:00 GMT
Expires: Mon, 1 Jan 2001 00:00:00 GMT
< Last-Modified: Wed, 07 Jan 2009 15:41:00 GMT
Last-Modified: Wed, 07 Jan 2009 15:41:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
Pragma: no-cache
< Content-Type: text/html; charset=utf-8
Content-Type: text/html; charset=utf-8
* no chunk, no close, no size. Assume close to signal end

<
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):

Thanks,

Dan Ficker

Lobo,

The curl request I posted was done from the command line of the server it is running on.

When I put that script in my bin/ and ran it, no matter if I put http://www.domain.com/, https://www.domain.com/, or even https://www.domain.com/administrator I got the exact same thign:

response Code

200

response Body


I'm still confused, I guess.

Thanks for your help!

Dan

Lobo,

I'm not sure.  Is there any way the cookie could be invalid?  Is there a way to refresh the value it uses for the cookie?  This site was updated from Joomla 1.0 and CiviCRM 1.8 at one time and has switched servers since then - is there any other clearing of caches or other data that needs to be done besides the usual document for upgrading and moving the location?  I'll keep looking into it.

Thanks,

Dan

I looked around in the error log, and every time I try to turn it on, I get this error in my log:

[Thu Jan 08 21:25:14 2009] [error] [client 209.XXX.XXX.XXX] PHP Fatal error:  require_once() [<a href='function.require'>function.require</a>]: Failed opening required '' (include_path='.:/usr/local/lib/php') in /path/to/html/administrator/components/com_cpanel/admin.cpanel.php on line 17
My line 17 of that file is thus:

require_once( JApplicationHelper::getPath( 'admin_html' ) );
I'll keep digging into it, but for some reason my Joomla doesn't like to process that through the PEAR HTTP_Request object or something.

Thanks,

Dan

FatherShawn,

Thanks for the idea!  That at least keeps us protected until we figure out the fix.  I'll keep this thread updated with what I find.

Thanks,

Dan