2

I did quite a bit of search on both here and google and could not find a solution to my problem.

In a nutshell I installed a self-signed ssl certificate to a test web server that runs on IIS6/Windows Server 2003. The self-signed ssl cert was generated using the IIS6 tool.

If I go to https//mywebsite.com I get the "not authentic ssl cert" warning message and I just click Continue and it works. (normal behavior for self-signed ssl).

This works for HTML, but for PHP is not working, phpinfo shows https = off. BTW I'm running PHP 5.2.17.

The weird thing is that in the production server I have exactly the same setup for the same application, the only difference is that on that server I have installed a legit ssl cert, and php info shows https = on.

So I'm starting to think the following:

A) php won't detect a self-signed ssl cert, is this correct?

B) I'm missing something obvious, what kind of things can I check?

Thanks!

wonitta
  • 23
  • 4
  • Someone recommended to check if extension=php_openssl.dll is in my php.ini file. I checked and it is there. Any other ideas? Never thought this would be so difficult :( – wonitta Jun 21 '12 at 19:17

1 Answers1

0

If your php install is sitting on a box that is serving http to a (proxy or other) box that is serving https to the client then as far as the client can tell they are using https, as far as the proxy box can tell it is serving https to the client and requesting from the server via http and as far as php (on the server) goes it is seeing http traffic from a client (the proxy box). Some hosting providers do this for their convenience.

Ram
  • 612
  • 3
  • 10
  • That was it! Thank you! I had the webserver behind an ISA firewall. I had to export the ssl cert and install it in the ISA firewall and create a publishing rule for it. That did it! I hope this helps others that run into this situation. – wonitta Jun 22 '12 at 17:21