Hi @asmecher,
turning on force_ssl does not do any good because then you get a redirect loop:
OJS sees an HTTP request (not knowing it’s coming from the reverse-proxy) and redirects the browser to the HTTPS location. So the browser makes a new request (using HTTPS as before) to the reverse-proxy resulting in a new HTTP request to the OJS backend which redirects to HTTPS again. And so on and so forth.
Greetings
Hermann
PS: For the time being and as a workaround I changed PKPRequest.inc.php:
@@ -154,7 +154,7 @@
* @param $allowProtocolRelative boolean True iff protocol-relative URLs are allowed
* @return string
*/
- function getBaseUrl($allowProtocolRelative = false) {
+ function getBaseUrl($allowProtocolRelative = true) {
$_this =& PKPRequest::_checkThis();
$serverHost = $_this->getServerHost(false);