cancel
Showing results for 
Search instead for 
Did you mean: 

Magento 2.4.3 HTTPS issue with load balancer setup

Magento 2.4.3 HTTPS issue with load balancer setup

Hi,

We have installed Magento 2.4.3 community edition and trying to enabled HTTPS. We tried multiple options by keeping all the below options

 

Option1:

base_url, base_link_ur => HTTPS

base_secure_url, based_secure_link_url =>HTTPS

Result: Site not redirecting properly. Basically its going to infinity loop and redirecting multiple times

 

Option2:

base_url, base_link_url => HTTP

base_secure_url, based_secure_link_url =>HTTPS

Result: All files are not loading with HTTPS. Few are loading with http due to which we are getting mixed content issue and site layout got disturbed. (Issue: Blocked loading mixed active content, CORS issue)

 

Even we tried by editing .htaccess files with below options

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

 

Below are our environment details

CentOS Linux 8

Magento 2.4.3

Load Balancer - Kemp (SSL is enabled via Kemp)

SSL Type - Wildcard SSL

Domain Type - We assigned Sub domain to server

 

Note: we are successfully able to see test page with HTTPS

 

Appreciated your early response.

 

Thanks,

Talluri

 

 

2 REPLIES 2

Re: Magento 2.4.3 HTTPS issue with load balancer setup

You should be able to set both Base URL and Base Secure URL to HTTPS. 

 

Do you have any rewrites or redirects at the Load Balancer, Web Server or .htaccess level? If you do, make sure you remove them as they shouldn't be needed. 

Re: Magento 2.4.3 HTTPS issue with load balancer setup

Hi,

We made changes in load balancer that it will send both HTTP /HTTPS requests to Magento server as it is. Now we are able to access Magento Admin with http.

 

We have not changed any .htaccess files of core Magento.

 

Below are the list of issues we see in browser console

1) The main problem of site loading is all CSS, JS files are loading with http which is causing "Blocked loading mixed active content"

2) Content Security Policy: The page’s settings observed the loading of a resource at ... domain name... A CSP report is being sent

 

FYI.. in server we have installed self signed certification as we have already installed wild card SSL in load balancer.

 

Thanks,

Talluri