Redirect loop with ssl

I did a clean install of CS cart, hoping this will fix the issue…but no.



Any pages accessed through https is thrown into a redirect loop

(or firefox message: The page isn’t redirecting properly)



eg.

[url]Welcome! – works fine



[url]https://quessentials.com/dev/index.php[/url] – goes into a loop



I have never had the store working properly under ssl



The ssl certificate is working correctly on the server. is there something I am missing?

Did you configure your config.local.php properly? Your https URL is missing your subfolder /dev/



// Host and directory where software is installed on no-secure server

$config[‘http_host’] = ‘Welcome!’;

$config[‘http_path’] = ‘/dev’;



// Host and directory where software is installed on secure server

$config[‘https_host’] = ‘Welcome!’;

$config[‘https_path’] = ‘/dev’;



Bye

Your home page isn’t supposed to be secure. If you have checked the 3 first items in “Settings”, the only thing that will be secure is admin, checkout, or any page that contains customer information.



Just a quick scan you don’t have SSL for checkout.

Thanks for the quick reply.



Tool Outfitters, you are 100% correct. I have secured the checkout and it does the same thing.





indy0077, I have updated my config just like you have it. Now, i can’t access anything.



I have also tried:



$config[‘http_host’] = ‘quessentials.com’;

$config[‘http_path’] = ‘/dev’;



$config[‘https_host’] = ‘Welcome!’;

$config[‘https_path’] = ‘’;



and other combinations, same problem…

How did you do that you have unsecure site in /dev/ and secure in root?:


[quote]

$config[‘http_host’] = ‘[COLOR=Red]quessentials.com[/COLOR]’;

$config[‘http_path’] = ‘/dev’;



$config[‘https_host’] = ‘quessentials.com[COLOR=Red]/dev[/COLOR]’;

$config[‘https_path’] = ‘’;[/quote]Then try this one, but I’m not sure what is your real instal directory:

[quote]

// Host and directory where software is installed on no-secure server

$config[‘http_host’] = ‘Welcome!’;

$config[‘http_path’] = ‘/dev’;



// Host and directory where software is installed on secure server

$config[‘https_host’] = ‘Welcome!’;



Just play with the slahses…



$config[‘https_path’] = ‘/dev’;[/quote]Here is the commented code of config.local.php:

[quote]

thanks indy0077.



none of the combinations work, I’ve been at it for 2 days now. I would hope its just a config issue but it seems like it might be something else.

If you switch off the secure function in the admin is the site working properly?

How looks your htaccess file?



EDIT: Clear your cache in /var and all folders in /var/compiled/



Because if I hover your links e.g. “View Cart” it shows a http:// URL not https://

yes, if its turned off and does not go through https, it works fine.





.htaccess:



DirectoryIndex index.php





RewriteEngine on

Some hostings require RewriteBase to be uncommented

Example:

Your store url is [url]http://www.yourcompany.com/store/cart[/url]

So “RewriteBase” should be:

RewriteBase /store/cart

RewriteBase /dev

RewriteCond %{REQUEST_FILENAME} !.(png|gif|ico|swf|jpe?g|js|css)$

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . index.php?sef_rewrite=1 [L,QSA]



RewriteCond %{REQUEST_FILENAME} ./catalog/.

RewriteCond %{REQUEST_FILENAME} -d

RewriteCond %{REQUEST_FILENAME}/index.html !-f

RewriteRule . index.php?sef_rewrite=1 [L,QSA]



htaccess is OK.



Is your SSL issued for www or without www?

SSL is issued as www.quessentials.com



I also did my http_host and https_host as www.quessentials.com

The redirect loop error looks like this:

Page A sends you to Page B which sends you to Page A



That means, if you request your https URL it will send you again to the http URL.

Yes, i understand that but it only happens within the cs cart application…



How would this be happening if both http_host and https_host go to Welcome!

Where is the loop created??

[quote name=‘clayhenry’]Yes, i understand that but it only happens within the cs cart application…



How would this be happening if both http_host and https_host go to www.quessentials.com/dev

Where is the loop created??[/quote]

I think I know what’s your problem. You have created a subdomain dev.quessentials.com and then also a new subfolder called /dev/. It can’t work.

Try to change the installation folder and change your config.local.php:


[QUOTE]// Host and directory where software is installed on no-secure server

$config[‘http_host’] = ‘www.quessentials.com’;

$config[‘http_path’] = ‘/newfolder’;



// Host and directory where software is installed on secure server

$config[‘https_host’] = ‘www.quessentials.com’;

$config[‘https_path’] = ‘/newfolder’;[/QUOTE]

From what I can tell, it’s the “www” that is missing in all of the previously tried configs and you stated that the cert was for www:


// Host and directory where software is installed on no-secure server
$config['http_host'] = 'www.quessentials.com';
$config['http_path'] = '/dev';

// Host and directory where software is installed on secure server
$config['https_host'] = 'www.quessentials.com';
$config['https_path'] = '/dev';

Thanks for all your help.



I have tried www in the config as well. no go.



I have also removed dev.quessentials.com subdomain, all its files, dns entries and db.



Changed Welcome! to Welcome!



It has not changed the situation.

… and this one?


[quote]// Host and directory where cs-cart is installed on usual server

$config[‘http_host’] = $_SERVER[‘HTTP_HOST’];

$config[‘http_path’] = ‘/your_cscart_directory’;



// Host and directory where cs-cart is installed on secure server

$config[‘https_host’] = $_SERVER[‘HTTPS_HOST’];

$config[‘https_path’] = ‘/your_cscart_directory’;[/quote]



But if nothing helps, I would ask your hosting provider, it can be a php- or https settings problem in the server or php configuration.

At least you can try to put this to your htaccess file:


[QUOTE]RewriteEngine On

RewriteCond %{SERVER_PORT} 443

RewriteRule ^(.*)$ https://www.example.com/$1 [R,L][/QUOTE]

nope. none of it worked. I have moved the cart down to root.



I have also spoke to the server admin, everything is as it should be on their end.:frowning:

Here you can see our demo CS-Cart installed in a subfolder. The SSL works fine:



[URL]http://www.martfox.com/cscsub/index.php[/URL]



The problem might be in the apache settings, your files or your configuration.



No CS-Cart.