After installing a certificate, activating the connection and changing the base URL … catastrophe! Nothing works on the StoreFront any more; it fails with the error message: “Unable to process request”.
The first reaction is often to disable loopback communication, which is ultimately not optimal: in the case of a VIP, the communication goes back through the VIP, and more generally, why go out onto the “switched” network when the communication can stay on the local host?
What does StoreFront do on the loopback?
A StoreFront site is actually composed of 5 sub-sites (in 3.5; 6 in 3.6), and some of these sub-sites need to interact with other sub-sites. The loopback keeps this communication on the host. When you activate SSL, the certificate is often not valid for the loopback address, so communication is not possible and StoreFront stops with the error “Unable to process request”.
With the problem clearly identified, we can force the use of HTTP for communication on the loopback: OnUsingHTTP. The drawback is that the local traffic is not encrypted and can be listened to (npcap or Message Analyzer can capture packets on the local loopback).
It is also possible to generate a certificate with the alternate name 127.0.0.1. In this case, the communication on the local loopback can use HTTPS, and it therefore becomes possible to force the use of SSL for all communications to the StoreFront and between the StoreFront sites by checking “Enable strict transport security”.
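
To check whether a given certificate would pass on the loopback, the PowerShell function below (an added example, not from the original post) walks the certificate's Subject Alternative Name extension and reports whether it holds 127.0.0.1 as an IP entry. The function name Test-CertCoversIp, the host name sf.example.test and the throwaway self-signed certificate are assumptions made for the illustration.

```powershell
# Added example. Test-CertCoversIp and sf.example.test are hypothetical names.
function Test-CertCoversIp {
    param(
        [Parameter(Mandatory)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate,
        [string]$Ip = '127.0.0.1'
    )
    $want = [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()
    # 2.5.29.17 = Subject Alternative Name; RawData is a DER SEQUENCE of GeneralName
    $ext = $Certificate.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    if (-not $ext) { return $false }
    $der = $ext.RawData
    # Read a DER length (short or long form) at $pos; return length and value offset
    $readLen = {
        param($buf, $pos)
        $len = [int]($buf[$pos]); $pos++
        if ($len -band 0x80) {
            $n = $len -band 0x7F; $len = 0
            for ($i = 0; $i -lt $n; $i++) { $len = ($len -shl 8) -bor $buf[$pos]; $pos++ }
        }
        return $len, $pos
    }
    if ($der[0] -ne 0x30) { return $false }
    $total, $pos = & $readLen $der 1
    $end = $pos + $total
    while ($pos -lt $end) {
        $tag = $der[$pos]
        $len, $pos = & $readLen $der ($pos + 1)
        # Tag 0x87 = context [7] iPAddress, carried as raw address bytes
        if ($tag -eq 0x87 -and $len -eq $want.Length) {
            $value = $der[$pos..($pos + $len - 1)]
            if (($value -join '.') -eq ($want -join '.')) { return $true }
        }
        $pos += $len
    }
    return $false
}

# Constructed lab input: a throwaway self-signed certificate with DNS and IP SAN entries.
$test = New-SelfSignedCertificate -Subject 'CN=sf.example.test' `
    -TextExtension @('2.5.29.17={text}DNS=sf.example.test&IPAddress=127.0.0.1') `
    -CertStoreLocation 'Cert:\CurrentUser\My'
Test-CertCoversIp -Certificate $test                 # loopback address in the SAN?
Test-CertCoversIp -Certificate $test -Ip '10.0.0.5'  # an address the SAN does not list
Remove-Item -Path "Cert:\CurrentUser\My\$($test.Thumbprint)"
```

To check the certificate actually bound to the StoreFront site, pass the corresponding object from `Cert:\LocalMachine\My` instead of the test certificate.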