I am using a Cloudflare flexible SSL (SSL on the public domain, clear text between Cloudflare server and mine). I activated SSL from http://www.mywebsite.com/Admin/Store/Edit/1 page and a "Too many redirects error is thrown" error is thrown.
What is the guideline to properly configure this kind of case?
When turning on a stores "SSL Enable" and filling in the stores secure url (basically "https://<mystorename>.com") and click save, it becomes impossible to browse to the website.
I have had to revert is by manually doing it in the database!
What I am basically trying to achieve is redirection to SSL on all pages so Chrome doesn't moan... (Currently using nop 3.40 but willing to go through the hassle (many customisations) of upgrading if necessary)
Unfortunately you will need to edit the core code to get nopCommerce to work with Cloudflare Flexible SSL or buy an SSL and install it on Cloudflare and set SSL to full. As you can now do this for free sites too on Cloudflare.
Please try to apply this commit. Let me know if it helps
It will probably be after the release of 3.90 before I am in a position to try since I will need to perform a lot of customisation first... but will do!
BTW. If you need to perform an emergency release after the initial release as has happened a few times in the past... Please please please use a version scheme like MAJOR.MINOR.REVISION (where revision is an incremental number of the emergency release) as this has bitten me in the past...
Unfortunately you will need to edit the core code to get nopCommerce to work with Cloudflare Flexible SSL or buy an SSL and install it on Cloudflare and set SSL to full. As you can now do this for free sites too on Cloudflare.
Thanks @leen3o. That did it. I had the same issue with Cloudflare and changing SSL from flexible to strict fixed it. And yes, you can now do full SSL on free websites too.
If you don't want to deal with code changes and still want free cloudflare flexible cert to work in any nopcommerce version, you can add page rules in CF to always use https and add outbound rule below: