Hi - I have just installed the latest Elgg (2.3.4) onto an Apache server running on a CentOS based system (Nethserver 7.4, if you are interested).
Anyway - the installation script would not run with the default, secure settings on the server. I kept getting errors about the installation pages wanting to install insecure items - that is, the page served over https:// wanted to load javascript, css and images using http://.
I searched the internet and the elgg discussions for a solution, mucked around for a while with .htaccess files, and eventually had to enable access to the site with http://, install, edit the settings -> advanced settings -> The site url setting, and then disable http:// access on the Apache server. Everything seems to be running as expected.
But it is not all that convenient :-)
If there is a way to install over https://, it should be easier to find out how to do it. If there isn't - well, there should be.
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by Raül Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
- Jeroen Dalsem@jdalsem

Jeroen Dalsem - 0 likes
- Don Robertson@donrob

Don Robertson - 0 likes
You must log in to post replies.I have created an issue in our bugtracker to investigate this https://github.com/Elgg/Elgg/issues/11371
It should be no problem to install over https
I did try to search all the files to see if I could find a http:// - but got so many results in readmes or commented sections of code that I gave up :-(.