Question 188922 in Laravel Question posted in
The official Laravel Documentation can be found here.

Cannot Access Laravel via HTTPS

I am having an issue accessing my site using https. Here is the layout

domain.com -> Has SSL certificate -> works perfectly

subdomain.domain.com -> Has SSL certificate covering the subdomain -> ISSUES – This subdomain has an A DNS record looking at a Linode Server IP address hosting my Laravel

Accessing http://subdomain.domain.com/ works but shows no padlock

Accessing https://subdomain.domain.com/ throws cannot be reached with Laravel giving the Invalid request (Unsupported SSL request) error

Here is my ENV

APP_ENV=production
APP_DEBUG=true
APP_URL=https://subdomain.domain.com

SERVER_PORT=443
SERVER_HOST=<linodeIPAddressHere>

There is nothing in the boot() AppServiceProvider.php and I have tried many solutions. My Linode Firewall is allowing port 443 inbound and outbound, the SSL certificate is 100% installed using SSL checker websites. I’m stuck here. I’m happy to troubleshoot anything as I’ll be working on this until I can find a fix.

Tags:

2

Answers


  1. 0

    Here are a few suggestions to help you troubleshoot and resolve the issue:

    1. Verify SSL Certificate Installation: Double-check the SSL certificate installation for the subdomain subdomain.domain.com. Ensure that the certificate is installed correctly on the server hosting the Laravel application. You can use online SSL certificate checkers to verify the installation and check for any potential issues.

    2. Check Virtual Host Configuration: Ensure that your web server’s virtual host configuration for the subdomain is correctly set up to handle SSL requests. In the configuration file, make sure that the SSL certificate and key paths are specified correctly.

    3. Confirm HTTPS Listener: Verify that your web server (e.g., Apache or Nginx) is configured to listen on port 443 for HTTPS requests. Check the server configuration to ensure that the SSL module is enabled and that the appropriate virtual host configuration is present.

    4. Mixed Content Issue: If the SSL certificate is installed correctly and the server is properly configured, another common issue that can cause the padlock to not appear is mixed content. This occurs when your web page includes resources (such as images, scripts, or stylesheets) loaded over HTTP instead of HTTPS. Make sure that all the resources loaded on your page are using HTTPS URLs to avoid this issue.

    5. Laravel Configuration: Check your Laravel application’s configuration to ensure that it is correctly set up for HTTPS. In the config/app.php file, verify that the url option is set to https://subdomain.domain.com. Additionally, check any other configuration files where you might have hard-coded HTTP URLs and update them to use HTTPS.

    6. Firewall or Load Balancer Settings: If you are using a firewall or a load balancer, make sure that it is correctly configured to forward HTTPS traffic to the correct server hosting your Laravel application. Check the settings to ensure that port 443 is allowed and forwarded correctly.

    7. Debugging Tools: Utilize debugging tools and logs to gather more information about the issue. Check the web server’s error logs, Laravel’s logs (storage/logs/laravel.log), and any other relevant logs to see if they provide any clues about the specific error or misconfiguration.

    By going through these steps, you should be able to identify and resolve the issue preventing you from accessing your subdomain https://subdomain.domain.com securely.

    Login or Signup to reply.
  2. 0

    Maybe you need to edit .htaccess file in public folder of your domain … If on APACHE -> Something like this:

    <IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
    Options -MultiViews -Indexes
</IfModule>

RewriteEngine On 
RewriteCond %{HTTPS} !=on 
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]

# Send Requests To Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]

<FilesMatch ".(html|htm|js|css|php)$">
    FileETag None
    <IfModule mod_headers.c>
        Header unset ETag
        Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
        Header set Pragma "no-cache"
        Header set Expires "Wed, 12 Jan 1980 05:00:00 GMT"
    </IfModule>
</FilesMatch>
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search