Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SSL


Guest

Recommended Posts

I have mulitple domains and am looking to have SSL accross them all,

 

Is it possible for me to use a single domain for all SSL, therfor saving money - EXAMPLE BELOW:

 

 

securedomain.com/store1

securedomain.com/store2

and so on

 

defining the seperate stores by using different directories

 

I understand that I would need to FTP the store files to the correct folders, and that the address bar on internet explorer would change to the new location but is this possilble, or am I going about this the wrong way?

 

thanks in advance

Link to comment
Share on other sites

if securedomain.com is a FQDN, and the SSL is assigned to the FQDN then you have no problem. even if it is a shared SSL from a host there is no problem.

Link to comment
Share on other sites

  • 2 years later...
  • 6 months later...

I'm going to spend a few moments to explain how to use ONE SSL certificate among multiple sites.

 

It's possible you won't be able to do this because it requires access to at least one of the configuration files for the Apache server.

 

The system I am using, I just built

 

It is using SuSe Enterprise server running SLES 10.1 - this would be basically the same as SuSeOpen 10.1 with this distro you get

 

Apache 2.2.3

PHP 5.12

mySQL

 

Suhosin 0.9.6

 

 

The version of os commerce I'm running is old, the reason I'm still using it is... I've highly modified the pages so they work in a winery based environment. I've also modded up the shipping module so it handles the issue of "reciprocal states" (a condition where 27 states in the US allow each other to ship wine to directly, with different legal maximums within pre-defined time periods).

 

The version of oscommerce I'm using is 1.2 and it was developed around when PHP4.04 was released.

 

I have fewer "oscommerce config tools" to help me with this.

 

Here is the recipe:

 

In the past I've used a symbolic link in the main servers directory

 

The doc root the MAIN SSL site was say... /web_work/sites/1webicom/http

 

The doc root for the subordinate site was /web_work/sites/8pkv/http

 

I would create a symlink from the the MAIN to the Subordinate site

 

an ls -l would look like this

 

lrwxrwxrwx 1 wwwrun www 19 Nov 11 17:40 pkv -> /web_work/8pkv/http

 

The configuration file would like this

 

define('HTTP_SERVER', 'http://www.pkv.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.webicommerce.com/pkv'); // eg, https://localhost - should not be empty for productive servers

 

Everything that would occur in the HTTPS side of the transaction worked as though the directory "pkv" was nested inside the SSL doc

root.

 

This worked fine

***

 

Fast forward to the new install....

 

Apache doesn't allow symlinks to be used this way anymore. In fact it prohibits the following of a symlink. What it does instead... is use

"Aliases" which are hard coded symlinks.

 

Aliases are defined in the default-server.conf file. In my case the file is located at

 

 

/etc/apache2/default-server.conf

 

Open the file and edit under this part:

 

 

# We include the /icons/ alias for FancyIndexed directory listings. If you

# do not use FancyIndexing, you may comment this out.

#

Alias /icons/ "/usr/share/apache2/icons/"

 

<Directory "/usr/share/apache2/icons">

Options Indexes MultiViews

AllowOverride None

Order allow,deny

Allow from all

</Directory>

 

##

 

To it add your Alias, mine would like like this:

 

#

Alias /pkv/ "/web_work/sites/8pkv/http/"

 

<Directory "/web_work/sites/8pkv/http">

Options Indexes MultiViews

AllowOverride None

Order allow,deny

Allow from all

</Directory>

#

 

It knows the Alias is to be located *in* the root directory and each time it sees a call to "pkv" in the main http directory it *peers

into* the aliased path directory (/web_work/sites/8pkv/http) instead.

 

Since the URL request will look like "https://www.1webicom/pkv/checkout_payment.php" it serves up an SSL version of the site page

"https://www.pkv.com/checkout_payment.php".

 

It will present the parent site's certificate, but we're all used to this.

 

 

 

The next problem is maintaing the "cart state". This is really best done using sessions rather than cookies in this case, because

cookies placed are intended to be read only by the site palcing them. Oscommerce has a mechanism to get around this but it's

effectiveness depends on the vesion of oscommerce you are using. We will need to convey the cart and the cart state between the non-secude www.pkv.com and the secure www.1webicom.com/pkv site. I would have to say, "Man up, and use sessions".

 

To do this THERE IS A SECOND Objective you will need to overcome. Most distros are coming with the Japanese hardening shell called "Suhosin".

 

You will also need to locate the suhosin.ini file. In my case it's at :

 

/etc/php5/conf.d/suhosin.ini

 

Look down it and find this area:

 

;suhosin.session.cryptkey =

;suhosin.session.cryptua = 1

;suhosin.session.cryptdocroot = 1

;suhosin.session.cryptraddr = 0

;suhosin.session.checkraddr = 0

 

 

 

 

Change it to:

 

 

;suhosin.session.cryptkey =

;suhosin.session.cryptua = 1

suhosin.session.cryptdocroot = Off

;suhosin.session.cryptraddr = 0

;suhosin.session.checkraddr = 0

 

 

Save all changes and then restart the Apache server... in my case:

 

 

# /etc/init.d/apache2 restart

 

Check SSL side then it's time for a glass of wine.

 

 

Have you heard about Frank Wines? http://www.vipvr.com/frank_wines.shtml

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...