cancel
Showing results for 
Search instead for 
Did you mean: 

Problems Switching from HTTP to HTTPs

Problems Switching from HTTP to HTTPs

Hi

 

We have been running CE version 1.9.2.1. The issue is when switching from http://... to https://..., when for example checking out.

 

Under http:// I can select a product to purchase and add it to the cart with no problems. However if I switch from http:// to https:// the cart is now empty. If I go back to http:// there is an item in the cart.

 

I have searched for causes and check most of them The server date/time is correct. 

 

Today I upgraded the site and database to CE 1.9.3.2 and the problen with HTTP/HTTPS is still there.

 

It also happens when logging into admin where if I login as HTTP:// and switch to HTTPS:// I am put back to the admin login page again.

 

Any help/ideas much appreciated.

 

Regards

5 REPLIES

Re: Problems Switching from HTTP to HTTPs

Go to the Magento Admin, System -> Configuration -> Web.

There you have two section where you have to pay attention:

 - Session Cookie Management

 - Session Validation Settingscookie.png

 

 All those settings affect you possibility to keep cart content during switching from http to https, and vice versa. For beginning, you can try to set Cookie Domain and Cookie Path to empty values, and Use HTTP Only to "Yes". Clear the cache and check how it works.

 

Also, Session Validation Settings affect ability of your Magento to recognize if Customer who uses session is hacker (man-in-the-middle) or not. Depending on your HTTP/HTTPS service, there may be an issue about forwarding or setting some of those fields. Try different combination, for example use only "Validate REMOTE_ADDR". 

 

Let me know if you solved the issue.

 

 

 

 

If this response was helpful to you, consider giving kudos to this post.
If this response solved your problem, click accept as solution to help others solve this issue

Re: Problems Switching from HTTP to HTTPs

Thanks Sinisa

 

I'll give it a go and get back to you.

Re: Problems Switching from HTTP to HTTPs

Hi Phil,

Have you considered running everything in your store from HTTPS? It will prevent your store from losing sessions. And after Feb 1 this year, it's pretty much mandatory for all websites anyway because Chrome and FireFox browsers will show "connection is not secure" warning to your visitors in the store and not many people will want to buy something in the store which shows that message.

You can find more details on my article here: Fully Secure Store is not Optional Anymore

if it's setup properly, your store will be even faster running from HTTPS and search engines and your customers will be happy = more sales.

Hope this helps.

Anton Pachkine @ magento2.hosting : Magento Managed Package. Get your e-commerce health checkup at http://ecommerce.fitness

Re: Problems Switching from HTTP to HTTPs

"if it's setup properly, your store will be even faster running from HTTPS".

 

This is not true. HTTPS has overhead because of handshaking, especially initial handshaking which can be pretty slow. With HTTP/2 those differences are smaller, and in a majority of use cases, they will be insignificant.

 

It's a good point about HTTPS that is better to go over HTTPS (and to utilize HTTP/2) because of browsers and Google search engine started to force merchants (and other site owners) to do the same.

If this response was helpful to you, consider giving kudos to this post.
If this response solved your problem, click accept as solution to help others solve this issue

Re: Problems Switching from HTTP to HTTPs

Hi Sinisa,

Yes, i agree with you - everything else being equal, http will be faster than https.
but the point I was trying to make was: if when we compare the performance of a store running from HTTP on a server without HTTP/2 and ALPN support and the same store running from HTTPS on a server with HTTP/2 and ALPN support, we see a significant improvement. 

this is what I mean by "setup properly" so people do not just go and switch store from HTTP to HTTPS which will just slow them down by 30% or so.

 

Anton Pachkine @ magento2.hosting : Magento Managed Package. Get your e-commerce health checkup at http://ecommerce.fitness