ubercart ssl critical error came back as non-secure

Hmm I am not aware of any known issues regarding the SSL check's not working. Its there in order to help make sure that your site is indeed working off SSL and not just redirecting to the https port in an unsecured protocol which can happen in some cases. You can get around this by simply changing FALSE to TRUE in that very same function, but be aware that doing so means that you are telling the module that your site is secure even though it doesnt believe so. I'd actually recommend finding out why drupal cannot see your site in secure mode. There is a variable there called '$check'. What does it show when you print_r($check) this variable? It should tell you what it actually got back as a response and my guess is that it either got redirected for some reason (htaccess maybe?) or something intercepted it.

Below is a function that should help you diagnose this. It has a print_r and exit as well as the FALSE changed to TRUE in case u cant get it to work right.

function uc_ssl_check($site = '')
{
   if (!$site)
   {
      if ($_GET['uc_ssl_check'])
      {
         if (uc_ssl_page_is_in_https_mode())
         {
            echo TRUE;
         }
         else
         {
            echo FALSE;
         }
         exit;
      }
   }
   else
   {
      $check = drupal_http_request($site."?uc_ssl_check=1");
      print_r($check);
      exit;

      if ($check->data == '1' || $check->data == 1 )
      {
         return TRUE;
      }
   }
   //return FALSE;
   return TRUE;
}

I am getting this problem AND if I bypass the check as suggested then no pages load. Every page tries to re-direct to https and then seems to go into an infinite loop.

I am running on nginx, not apache, could that be the problem.

Thanks

Todd

Its is possible that its a server issue if your server somehow tries to do ssl redirection on its own. I dont know enough about this error as I can never seem to reproduce it on any of my sites/servers.

I have a little more information to contribute...

I am experiencing the same problem with my hosting provider, Dreamhost.

I've traced through the code and found that the $site variable isn't set neither is $_GET['uc_ssl_check'].

I encounter the same problem. I'm also using nginx. When I go to both http and https version of my site, everything seems to run fine. But when I try to enable uc_ssl, I get the same CRITICAL ERROR problem. I tried the same fix, and it gave me infinite redirect.

this is the input when I put print_r($check) statement:

stdClass Object ( [request] => GET /?uc_ssl_check=1 HTTP/1.0 Host: esthersnc.com User-Agent: Drupal (+http://drupal.org/) [data] => [protocol] => HTTP/1.1 [status_message] => OK [headers] => Array ( [Server] => nginx/0.7.62 [Date] => Sat, 30 Oct 2010 23:59:15 GMT [Content-Type] => text/html; charset=utf-8 [Connection] => close [X-Powered-By] => PHP/5.2.10-2ubuntu6.4 [Set-Cookie] => SESSa29a4a8f27cf566cd5bf3f976a9b11d5=e3972b265d929527070955623f56abe0; expires=Tue, 23-Nov-2010 03:32:35 GMT; path=/ [Expires] => Sun, 19 Nov 1978 05:00:00 GMT [Last-Modified] => Sat, 30 Oct 2010 23:59:15 GMT [Cache-Control] => post-check=0, pre-check=0 ) [code] => 200 )

Any idea what cause this ? Is it nginx problem, or maybe the way I configure nginx as reverse proxy to fastcgi ?

I just wanted to toss out that I'm having the exact same issue on a client website.

I am unable to reproduce any of these and thus I have no choice but to chalk them up as server issues. If anyone who has one of these servers is able to get it working, posting the fix would help expose the problem if there is any. May also be able to add conditional code for those servers if possible.

I've encountered this error here and narrowed down the problem to the uc_ssl_check function within uc_ssl.module - if your PHP hasn't been complied with openSSL (as mine hasn't) the drupal_http_request() function won't be able to access data over SSL.

However:

If you bypass drupal_http_request() and use file_get_contents() to get the URL result it works fine (at least on my machine).

I've attached a patch file if you'd like to update the module to this method...

The alternative is to include a function to check for the openssl PHP extension before attempting to use drupal_http_request() - use extension_loaded('openssl') as the expression and return an error accordingly.

-Shannon

#8 is good news, I wasnt able to reproduce it since all of my servers have ssl enabled but I can see here that someone has reproduced it and given a good plausible explanation for it to fail. I'd like to change the drupal_http_request call to the built in file_get_contents. HOWEVER, this does bring up the issue of the allow_url_fopen setting in php.ini in which many servers do not have set and thus I dont think thats a viable option. Now that I have an idea of what the issue is, I can add some additional logic to fix this issue and give meaningful errors as to why it fails and how to fix it. If allow_url_fopen IS indeed on, I will then have it attempt to get the result using that also if the first attempt failed.

I have fixed this in the 6.x-1.22 version. If someone who had this problem previously could try it and see if it does anything that would be nice. If it works, simply mark this issue as fixed.

I hit this same problem and discovered that my hosting provider was not allowing access from the web-server to the public IP address (from DNS) of the secure site - for example:

1. Main website hosted at http://www.example.com with DNS Address record set to IP Address 123.111.222.3
2. Server on an internal subnet listening on port 80 (http) and 443 (https) - Internal IP 192.168.x.x
3. PHP runs the uc_ssl function uc_ssl_check() which calls drupal_http_request('https://secure.example.com?uc_ssl_check=1');
4. A DNS Loopup is performed and finds the EXTERNAL IP Address for https://secure.example.com (e.g. 123.222.333.4 - note that it is also different to the external IP address of the http URL.
5. The company's firewall does not allow traffic originating from it's internal IP range to connect to their External IP range.
6. The connection attempt times out because the packets got blocked!
7. uc_ssl does not report the timeout - It just fails to verify.

In my case, the sys-admins have set up an entry in the local /etc/hosts file which maps my 'secure.example.com' domain to the internal IP of the server - Now the uc_ssl check passes successfully.

I think that this kind of firewall configuration is likely to be fairly common, so I think the uc_ssl_check() may have to be rethought (perhaps using some kind of redirect in the browser so the connection is all done from the browser's side of the connection??) - I also think in its current guise, the test should check if $check->error contains a string after running the drupal_http_request(URL) and should return it to the user, rather than simply a pass/fail result.

Unfortunately; I now have a different problem! Even though I have set the SSL Server to be https://secure.example.com (with my real domain name of coure!), it is trying to redirect to https://www.example.com which only accepts 'http' requests!

@ crystaldawn - you may want to check out the nab_transact module's handling of this issue as they've implemented the checks for extensions into the .install file and provided a message to the user if extensions aren't enabled. I'll check out your update soon. Thanks!

Here is the link: http://drupal.org/node/1005860

I have SSL running on my server, if I go to https://www.domain.com it all works great.

I have installed uc_ssl and put in my domains in the secure and non-secure boxes and get the following error:

CRITICAL ERROR! The domain you entered for the secured domain came back as non-secure or it does not point back to this installation of drupal. Your secure domain name MUST be setup and MUST be pointing at this install of drupal.

Also my checkout does not redirect to HTTPS at all.

So I would say this is not fixed in 6.x-1.22

Thanks

Do you have the OpenSSL extension compiled in to apache? Please read the thread above thoroughly to understand why this is relevant...

I'm using IIS and my SSL is working perfectly fine, although I'm getting the same error with the lastest version 1.26.

sub

I had to come back here and tell you my solution...

I try'd all options discribed here and at other threads but none worked..

Once i changed two hardcoded path's for images at the site the module gave me the greenlight :-)

Now i have to find out how to get that green addressbar....

hope this helps someone else

If im not mistaking, the green address bar depends on the SSL type you bought. Some offers the green bar some do not.

Hello,

Can I know what is the solution with Dreamhost ?

I have an Ubercart multi-install, do you know if I need a unique IP for each website ?

Thank you.