All sites are forced HTTPS despite wrong certificate

Did you edit your wp-config.php to have an use SSL admin define?

Before everything switched over to https, I had not edited wp-config.php. Afterwards, some googling suggested that adding the following options, could help:

define(‘force_SSL’, false);
define(‘FORCE_SSL_ADMIN’, false);

It did not help, and all my sites (and admin pages) are forced HTTPS.

I’ve also tried checking in a different browser to see if it’s my cache that does this, but the problem persists.

I’ve checked the wp_options table for clues and it seems SSL isn’t forced there either:

mysql> select * from wp_options where option_name like '%ssl%';
+-----------+--------------------+--------------+----------+
| option_id | option_name        | option_value | autoload |
+-----------+--------------------+--------------+----------+
|       307 | ssl_host           |              | yes      |
|       308 | ssl_port           |              | yes      |
|       311 | ssl_host_diff      | 0            | yes      |
|       312 | ssl_host_subdomain | 0            | yes      |
|       315 | ssl_admin          | 0            | yes      |
|       316 | ssl_proxy          | 0            | yes      |
|       320 | ssl_host_mapping   | a:0:{}       | yes      |
+-----------+--------------------+--------------+----------+
7 rows in set (0.00 sec)

OK, time for full disclosure: I am an idiot.

After messing around with the is_ssl function in wp-includes/functions.php and forcing is_ssl to be false no matter what, I happily concluded that finally everything went back to it’s normal non-ssl former self.

Looking at the logic of the function, I concluded that it would only use SSL if the server told it that the connection was SSL. So I checked over some of the changes I had made last night (tired and sick) and noticed that my global PHP fastcgi config had the following line:

fastcgi_param HTTPS on;

Everything’s back to normal now. Thanks!

I just ran into this problem and spent many hours (over several days) trying to find out what had caused it. It started after I had done several updates at once, a bunch of themes, plugins, and wordpress update from version 3.9.2 to 4.0 .. I was doing this on my staging environment (Virtualbox) .. I run nginx, MySQL, wordpress, etc.

Suddenly I couldn’t load the root page, and I went into a redirect loop, going back and forth between my port 443 server and port 80 server. Going from port 443 to 80 was my own design, but going from port 80 back to 443 was a mystery. None of my settings explained why this was happening. I was being forced to use https.

I tried several things, removing plugins, themes, and wordpress itself. I finally narrowed it down to wordpress being the culprit. I downloaded version 3.9.2 and copied files manually back into the staging environment, and sure enough that fixed the problem. Something about the update from 3.9.2 to 4.0 was causing forced https. There are too many files for me to look through, so I just wanted to leave this here in the hopes it will get to concerned parties.