CiviCRM Community Forums (archive)

I don't think you are correct about the credentials. I believe civicrm will be using your credentials or similarly empowered credentials to access that page.

CiviCRM tests that the https path to the CiviCRM pages is valid (it could be invalid even if your main url is invalid.)

Something doesn't quite make sense though -did you change the apache snippet below to be <domain> instead of your domain - It would seem odd since you have posted your url elsewhere. Unless your url is set wrong somewhere

"https://www.<domain>.com/civicrm/admin/setting/url"

Are your resource Urls correct?

The other area that often causes problems is the apache redirect settings - for example if https://yourdomain.com works and https://www.yourdomain.com doesn't you might have a problem. Make sure that you can access the CiviCRM pages with an https prefix with and without the www.

Check out the issue tracker (link at top of this page) and search for issue CRM-4447.

CRM/Utils/System.php::redirectToSSL() works by checking a test URL with the HTTPS scheme before redirecting to the target URL.

In the past this test URL has been the home address on the site, and then it was the Dashboard, and subsequent to this fix it has been changed so be the target URL.

You might want to try applying the patches, or upgrading to 2.2.4. Perhaps this will help?

Ken

I am now working on a different site using CiviCRM 3.02 and I am having the same issue where I cannot get CiviCRM to enable secure URLs because it is getting a 403 error when it tries to access the https:<myserver>/civicrm/dashboard?reset=1 URL.  When I am logged in as an administrator that has privileges to the CiviCRM dashboard, I do not receive a 403 (I receive a 200) when I access the same URL in my browser.

So, I did some digging around the CiviCRM code and found the codepath where this all gets checked and set:  CRM/Admin/Form/Setting/Url.php:formRule
In there, it has CiviCRM try to access https:<myserver>/civicrm/dashboard?reset=1.  In my Drupal installation, I have permissions set such that only the "admin" role has access to the dashboard.  CiviCRM is getting 403 returned, which makes CRM/Admin/Form/Setting/Url.php:formRule fail and throw an error.

In my installation, I temporarily modified CRM/Admin/Form/Setting/Url.php:formRule to check https://<myserver>/ and it had no issues and I could set CiviCRM to use SSL.  Since the CiviCRM documentation states that you should not enable the Dashboard for anonymous users (o not enable this for the "anonymous" role) - it seems odd that it would use check the Dashboard as an anonymous user to see if SSL is possible.

I think the code should be modified to check another URL so that SSL can be enabled once proper security is set.

The "admin" user I was logged in with to set the SSL setting has full Drupal access to all modules (including all CiviCRM modules).  The "admin" user I was using has access to the dashboard and all CiviCRM permissions.

I did notice the checkURL function and the addCookie section:
       
if ( $addCookie ) {
            foreach ( $_COOKIE as $name => $value ) {
                $request->addCookie( $name, $value );
            }
        }

I have not yet taken a look to see why that code is not adding in my authentication cookies...

I will take a look and let you know.

Jason

Figured out my problem. I also use the drupal module securepages and you have to ignore civicrm* in order for civicrm to be able to work with ssl correctly.

Edit: Sorry, forgot to say that you need to ignore IF you enable "Switch back to http pages when there are no matches" and also make sure you don't put civicrm into the list of secure pages.

Same problem on 3.3! Frustrating...