I'm using PHP4.01pl2 on Linux 2.2 and am using Apache for the webserver.

I have forms which are passing variables from regular http PHP pages to secure https PHP pages. The form objects disappear when being sent to the https page.

I've seen that libcurl is an option if you want to retreive a secure page...however I want to pass this information through to the resulting secure page. I also have situations where one secure page is calling another secure page and I simply want to pass the form variables between them.

Does anyone have any information about getting this to work?

Any assistance is appreciated.

Thanks!

Some important additional information: It appears that it could be an IE problem? I just ran the same information through an older version of netscape and it worked. Any ideas on why IE would be having a problem with https form posting with PHP? Could it be the way they implemented https with http 1.1? Is there a way to force IE to http 1.0?

Thanks for any assistance!

I had similar broblem and found a fix from modssl F.A.Q. Problem manifested itself only (why am I not suprised) when using IE with https connection. Solution: Apply following lines into httpd.conf.ssl in your apache conf directory:

SetEnvIf User-Agent \".MSIE.\" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-responce-1.0

and restart Apache

worked with me!!

Please note that there should not be any backslashes in the lines you add into httpd.conf.ssl

I donno from where they came as I posted my message....

I'm having a similar problem with IE possibly. I have Apache and mod_ssl installed. When someone goes from their cart to the secure page to enter in address info, it switches to SSL fine in IE. Then, when they submit that page, they get a page can not be displayed. If they hit their back button and re-enter the info, clicking submit, it works to show what they are purchasing and boxes to enter card info. I don't have an httpd.conf.ssl file on my system. Was this outdated along with the access.conf file or no? Any ideas guys?

Thanks,
Kevin

Kevin,

Here is the fix that I made.

Change the following block of code in /etc/httpd/conf/httpd.conf (large chunk to
help you find it)

from:

            $PerlConfig .= \"Listen $ip:443\\n\";
            $PerlConfig .= \"<VirtualHost $ip:443>\\n\";
            $PerlConfig .= \"SSLengine on\\n\";
            $PerlConfig .= \"SSLCertificateFile

/home/sites/$group/certs/certificate\n\";
$PerlConfig .= \"SSLCertificateKeyFile
/home/sites/$group/certs/key\n\";
$PerlConfig .= join(\'\', @ssl_conf);

to:

            $PerlConfig .= \"Listen $ip:443\\n\";
            $PerlConfig .= \"<VirtualHost $ip:443>\\n\";
            $PerlConfig .= \"SetEnvIf User-Agent \\\".*MSIE.*\\\" \\\\n\";
            $PerlConfig .= \"        nokeepalive ssl-unclean-shutdown

\\n\";
$PerlConfig .= \" downgrade-1.0 force-response-1.0\n\";
$PerlConfig .= \"SSLengine on\n\";
$PerlConfig .= \"SSLCertificateFile
/home/sites/$group/certs/certificate\n\";
$PerlConfig .= \"SSLCertificateKeyFile
/home/sites/$group/certs/key\n\";
$PerlConfig .= join(\'\', @ssl_conf);

Once you\'ve made these changes restart Apache.

I hope this helps. It worked for me.

• John