Page 1 of 1

Downloads not working with SSL/https

Posted: 27 Oct 2021, 15:22
by loxlay
Hi,
after moving my website to a new hoster, downloads are not working anymore.
Error message: Error: Secured connection failed

My SSL-Cert is OK.

I found this in FAQs, but it's not fixing my problem.
"Download is not working in IE browsers when SSL is enabled?"
https://www.phoca.cz/documents/17-phoca ... ent/85-faq

Any idea?

Thanks
Robin

Re: Downloads not working with SSL/https

Posted: 31 Oct 2021, 21:32
by Jan
Hi, Phoca Download just detects the protocol (http or https) and set the right header there.

In fact, Phoca Download works on SSL websites mostly, e.g. like here:
https://www.phoca.cz/download/category/ ... -component

So I think, this is much more a question on server provider - to see if there is some error in error log, etc. :idea:

Jan

Re: Downloads not working with SSL/https

Posted: 31 Mar 2022, 11:09
by dl6dx
I'm getting the same problem on several Installations, which ran flawlessly before:

Access to the category view is fine, preview and file details is ok. If I attempt to download a file (which worked before, as said) the download connection terminates with a TLS error message.

Firefox error display:
"Secure Connection Failed
An error occurred during a connection to www.do-main.de.
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem."
No error code, no other information. The URL accessed has a https: prefix.

MS Edge error display:
"Hmmm… can't reach this page
It looks like the webpage at https://www.do-main.de/index.php/thearchive/category/7-categoryname?download=275:file-name might be having issues, or it may have moved permanently to a new web address.
ERR_HTTP2_PROTOCOL_ERROR"
(sensitive information in URL changed)

ERR_HTTP2_PROTOCOL_ERROR of course looks like a TLS issue. But SSL/TLS access was/is already forced (via .htaccess) and works otherwise. (The Joomla configuraton option is currently set to "off".)

System: Joomla 3.10.8 on PHP 7.4. Phoca download release information:

de-DE.com_phocadownload Site Datei 4.0.0 09.11.2021
de-DE.plg_content_phocadownload Site Datei 3.0.6 09.11.2014
Komponente Phoca Download - Deutsche Sprachdateien Site Datei 3.1.1 31.03.2015
Phoca Download Administrator Komponente 3.2.3 08/03/2021
Phoca Download Button Plugin Site Plugin 3.2.1 22/10/2020
Phoca Download Plugin Site Plugin 3.2.1 22/10/2020
Plugin Phoca Download XTD - Deutsche Sprachdateien Site Datei 3.0.6

I didn't find anything meaningful regarding this kind of error yet. Hints or any pointer to additional information will be appreciated!

Kind regards

Stefan

Re: Downloads not working with SSL/https

Posted: 31 Mar 2022, 16:57
by dl6dx
Update: Using a http header sniffing tool (Live HTTP headers), I found that the connection terminates just after the request was sent. Mozilla issued the error code NS_ERROR_NET_INTERRUPT. This is, as far as I could find out, on TLS level. So Phoca Download was "out of the game" and I had to check the server platform.

After finding out that a major platform change at my hosting provider introduced nginx as proxy I searched my provider's support forum. Found a hint that some scripts would send an incorrect content-length header. As nginx works with so called "slices" based on header analysis downloads might terminate too early. The recommendation was to add "RequestHeader unset Range" to .htaccess.
After this change downloads work again.

Re: Downloads not working with SSL/https

Posted: 04 Apr 2022, 12:06
by Jan
Hi, thank you very much for the info, can you paste here the exact .htaccess rule which you have used.

Thank you, Jan

Re: Downloads not working with SSL/https

Posted: 04 Apr 2022, 12:44
by dl6dx

Code: Select all

# Downloads mit phoca download funktionieren nach Plattformwechsel nicht mehr.
# Fundstelle:
# https://forum.df.eu/forum/user-f%C3%BCr-user/technische-fragen/11176-seit-heute-64bit-keine-dateidownloads-%C3%BCber-php-mehr-m%C3%B6glich
#
# Leider geben viele Scripte eine inkorrekte content-length auf Download-Requests hin an.
# Da der nginx mit sog. slices arbeitet die entsprechend der Range die angegeben wurde gelesen werden, kann es zu diesem Fehler kommen.
# Bitte ergänzen Sie daher einmal die .htaccess Ihrer Webseite um die Zeile:
RequestHeader unset Range
Quick C&P from .htaccess. The comments are german, sorry. Hope, it helps anyways.

Kind regards
Stefan

Re: Downloads not working with SSL/https

Posted: 04 Apr 2022, 13:43
by Jan
Hi, no problem with german, thank you very much.

BTW, there was similar problem in this thread: https://www.phoca.cz/forum/viewtopic.php?f=31&t=63134 so I now prepare new version with new parameter "check http range", so maybe disabling the range check can even help.

Thank you, Jan

Re: Downloads not working with SSL/https

Posted: 04 Apr 2022, 14:00
by Jan
It can be tested in version 4.0.1:
https://www.phoca.cz/download/category/ ... -component

The parameter (called Check Http Range) can be disabled in Options (last tab - General Options).

Jan

Re: Downloads not working with SSL/https

Posted: 04 May 2022, 11:32
by grangilles
Hi everybody
i have an issue since my host activate the htpps.

if i reach a file via the search engine, after clicking the grey download button, this dialog box appear :

"The information entered will be transmitted in clear (without encryption). They can therefore possibly be intercepted and read during their routing.
Are you sure you want to send this information?"


There are two options : "ok" or "cancel"
whatever i choose nothing append.

For the same file, but reached via a menu link such as: link type / phoca download / list of file (category view)/
by clicking the green download button, i can get the file.

Before this https update from my host, everything worked fine.

Any ideas ?
Thanks a lot.

Joomla 3.9.22
Phoca 3.2.3

Re: Downloads not working with SSL/https

Posted: 04 May 2022, 13:49
by grangilles
Hi,
for an entire comprehension of the problem, i have to add that the host server is in http and a proxy located in front is dealing the https .
Thanks.