Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SSL Troubles


grannystone

Recommended Posts

Hi, I'm new to the osC... just installed my first cart. I've worked with a few carts and I must say, osC is beautifully designed. Kudos to all who have worked on it, and thank you for making it available!!!

 

Everything seems to be working with my cart, but, when I go to login to "my account," or go to Checkout, and I should be entering into secure mode, the address at top changes to the https:// address but I experience the following: No Lock icon in IE; A crossed out lock in FireFox; A broken (red) lock in Netscape with a "You have requested an encrypted page that contains some unencrypted information..." message; And in Opera i get a "The server's certificate chain is incomplete, and the signer(s) are not registered..." message.

 

I spoke with Tech Support at the host and they assured me that the Security Cert is installed and functioning properly. It's a dedicated IP address and when I enter other URLs for the site using https://www. they come up as being secure.

 

Any idea(s) where my settings could be off??? Your help is greatly appreciated!

zomething fishy?

Link to comment
Share on other sites

Just looking at the problems you posted with regard to the lock not showing - you wouldn't be hosted with 1and1.com would you? If so, do a search of these forums for possible answers.

 

If that's not the problem, then take a look at this

 

"The server's certificate chain is incomplete, and the signer(s) are not registered.."

 

This can mean that although the full ssl cert is installed properly that the httpd conf files have not been rebooted on the server. Unless this has been done then the intermediate certificate will not appear, and as that error suggested the chain will be incomplete.

 

Vger

Link to comment
Share on other sites

:rolleyes: Hey thanks for the response!

 

No, the host isn't with 1and1.com, although I did read through several items relating to that host. This site is hosted with GoDaddy.com. I'll call them again to check on that. Last time I called they suggested that something isn't set properly in the cart files.

zomething fishy?

Link to comment
Share on other sites

I'd bet my money on them not having rebooted the httpd conf files. Never believe what a hosting company tells you the first time around, or the second come to that - unless it happens to be mine of course, in which case you can rely on it completely :)

 

But it might help us to check out further if you post the url of your site.

 

Vger

Link to comment
Share on other sites

I spoke with GoDaddy tech support again, and the woman told me that the secure cert was installed properly and functioning. She was familiar with osCommerce and said I needed to make sure that HTTPS connections were enabled, and the https://... server was specified in the configure.php doc that resides in the Includes directory. I know that I set all that stuff during the install process (actually I did it about four times just to be sure).

 

So I downloaded the configure.php doc from the server and, yes, it shows the https server and that SSL is true.

 

I picked the wrong week to stop taking ludes. >_< DOH!

zomething fishy?

Link to comment
Share on other sites

just for grins can you create an html file in your document root (www.janicemccarty.com) and then post here the name of it? do not put it into your catalog area, just one level above. this way we can test your https outside of osCommerce.

Link to comment
Share on other sites

by going to your main site and saying no to displaying nonsecure items, the ssl padlock does show up. thus, it has to be something wrong in the configure.php file, is what i am guessing. post the configure.php file here so we can see what is going on.

Link to comment
Share on other sites

Hey thanks for the input, I really, really appreciate it.

 

I put a file at the root called test.html

 

Ok, I'm probably going to look like a complete idiot, but I'm not sure how to attach the configure.php file to this post :blush: so I'll also post it in the sites root. I hope that is ok. It's at janicemccartydesign.com/configure.php

 

:o << Did this guy just get poked in the ass with a sharp stick?

:P << Considering the serious herpes outbreak, he's pretty happy!

 

Sorry, I've been at it for too many hours today (w00t)

zomething fishy?

Link to comment
Share on other sites

open the configure.php and copy and paste here, without the bottom part of database info, password, etc. dont post it where it is available on your server!

Link to comment
Share on other sites

Thank you Mr. Oligario!

 

Yes, I deleted the name and password stuff before posting that file.

 

Here's the info... Anything look funny?

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.janicemccartydesign.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.janicemccartydesign.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', 'true'); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.janicemccartydesign.com');

define('HTTPS_COOKIE_DOMAIN', 'www.janicemccartydesign.com');

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '/catalog/');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/catalog/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '/home/content/j/a/n/janicemccarty/html/catalog/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

zomething fishy?

Link to comment
Share on other sites

at a quick glance i dont see anything out of the ordinary.

 

when viewing oscommerce, images appear as coming from the nonssl side of things. does your host require you to put your files into an ssl and nonssl directory?

for your main site index.html file, edit it and put https where ever you see http and then see if that page can be displayed.

Link to comment
Share on other sites

Of course I want some chocolate chicken pot pie. :huh:

 

No, the directory is the same either way. I'll try editing that file and see what happens. Do you think I sould do the same in this configure.php doc?

 

Be right back... I have to go get some cash from the bank :ph34r:

zomething fishy?

Link to comment
Share on other sites

But seriously, I have to say thanks again for looking at this stuff with me.

 

Here's what I just did:

Changed the HTTP in the index.php file to HTTPS. Tested it but it was acting the same -- would switch to the https:// URL but wasn't showing a lock as being secure.

 

Then i went to the configure.php file (in includes directory) and changed the one setting to this

define('HTTP_SERVER', 'https://www.janicemccartydesign.com');

 

After that change, once I clicked from the non-secure homepage to the login page, the cart showed as being secure and remained in secure mode no matter where I went in the cart.

 

So I went back to the index.php file and changed it back to it's original settings.

 

That's how the cart is now and it goes into secure mode as soon as you click off of the front page.

 

I picked the wrong week to stop drinking :blink:

zomething fishy?

Link to comment
Share on other sites

  • 8 months later...
But seriously, I have to say thanks again for looking at this stuff with me.

 

Here's what I just did:

Changed the HTTP in the index.php file to HTTPS.  Tested it but it was acting the same -- would switch to the https:// URL but wasn't showing a lock as being secure.

 

Then i went to the configure.php file (in includes directory) and changed the one setting to this

define('HTTP_SERVER', 'https://www.janicemccartydesign.com');

 

After that change, once I clicked from the non-secure homepage to the login page, the cart showed as being secure and remained in secure mode no matter where I went in the cart.

 

So I went back to the index.php file and changed it back to it's original settings.

 

That's how the cart is now and it goes into secure mode as soon as you click off of the front page.

 

I picked the wrong week to stop drinking :blink:

Link to comment
Share on other sites

But seriously, I have to say thanks again for looking at this stuff with me.

 

Here's what I just did:

Changed the HTTP in the index.php file to HTTPS.  Tested it but it was acting the same -- would switch to the https:// URL but wasn't showing a lock as being secure.

 

Then i went to the configure.php file (in includes directory) and changed the one setting to this

define('HTTP_SERVER', 'https://www.janicemccartydesign.com');

 

After that change, once I clicked from the non-secure homepage to the login page, the cart showed as being secure and remained in secure mode no matter where I went in the cart.

 

So I went back to the index.php file and changed it back to it's original settings.

 

That's how the cart is now and it goes into secure mode as soon as you click off of the front page.

 

I picked the wrong week to stop drinking :blink:

 

Ok Janice,

 

You?ve proved that 'https://www.janicemccartydesign.com/catalog' works but when it says define ?HTTP? it doesn?t mean change to ?HTTPS? so take off the ?s? because all you have achieved is that now all your pages will open in ?https? which is going to be slow on loading as everything images etc are going to be encrypted first before they load. As you have it now it?s very slow and sorry, people won?t wait.

 

If you have made any changes anywhere other than includes/configure.php and admin/ includes/configure.php change them back to the original settings.

 

Note: Make sure you have No empty spaces before <?php at the op of the page and after /> at the bottom, php dont like empty spaces at the beginning or end of a page

 

Your configure files should be something like this:

includes/configure.php

 

 
<?php
/*
 $Id: configure.php,v 1.14 2003/07/09 01:15:48 hpdl Exp $

 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

 Copyright (c) 2003 osCommerce

 Released under the GNU General Public License
*/

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
 define('HTTP_SERVER', 'http://www.janicemccartydesign.com'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'https://www.janicemccartydesign.com'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', true); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'www.janicemccartydesign.com');
 define('HTTPS_COOKIE_DOMAIN', 'www.janicemccartydesign.com');
 define('HTTP_COOKIE_PATH', ''www.janicemccartydesign.com'/');
 define('HTTPS_COOKIE_PATH', ''www.janicemccartydesign.com'/');
 define('DIR_WS_HTTP_CATALOG', '/catalog/');
 define('DIR_WS_HTTPS_CATALOG', '/catalog/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
 define('DIR_FS_CATALOG', dirname($HTTP_SERVER_VARS['SCRIPT_FILENAME']));
 define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
 define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

// define our database connection
 define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers
 define('DB_SERVER_USERNAME', 'xxxxxxxxxxxx');
 define('DB_SERVER_PASSWORD', 'xxxxxxxxxxxxxx');
 define('DB_DATABASE', 'siamsave_osc1');
 define('USE_PCONNECT', 'false'); // use persistent connections?
 define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'
?>

 

and your

admin/ includes/configure.php

 

<?php
/*
 $Id: configure.php,v 1.14 2003/02/21 16:55:24 dgw_ Exp $

 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

 Copyright (c) 2002 osCommerce

 Released under the GNU General Public License
*/

// define our webserver variables
// FS = Filesystem (physical)
// WS = Webserver (virtual)
 define('HTTP_SERVER','http://www.janicemccartydesign.com'); // eg, http://localhost or - https://localhost should not be NULL for productive servers
 define('HTTP_CATALOG_SERVER', 'http://www.janicemccartydesign.com/catalog');
 define('HTTPS_CATALOG_SERVER', 'http://www.janicemccartydesign.com/catalog');
 define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module
 define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT); // where your pages are located on the server. if $DOCUMENT_ROOT doesnt suit you, replace with your local path. (eg, /usr/local/apache/htdocs)
 define('DIR_WS_ADMIN', '/catalog/admin/');
 define('DIR_FS_ADMIN', DIR_FS_DOCUMENT_ROOT . DIR_WS_ADMIN);
 define('DIR_WS_CATALOG', '/catalog/admin/');
 define('DIR_FS_CATALOG', DIR_FS_DOCUMENT_ROOT . DIR_WS_CATALOG);
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
 define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');
 define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');
 define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');
 define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');
 define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

// define our database connection
 define('DB_SERVER', 'localhost');
 define('DB_SERVER_USERNAME', 'xxxxxxxxxxxxxx');
 define('DB_SERVER_PASSWORD', 'xxxxxxxxxxxxxx');
 define('DB_DATABASE', 'siamsave_osc1');
 define('USE_PCONNECT', 'false');
 define('STORE_SESSIONS', 'mysql');
// leave empty '' for default handler or set to 'mysql'
?>

Link to comment
Share on other sites

Ok Janice,

 

You?ve proved that 'https://www.janicemccartydesign.com/catalog' works but when it says define ?HTTP? it doesn?t mean change to ?HTTPS? so take off the ?s? because all you have achieved is that now all your pages will open in ?https? which is going to be slow on loading as everything images etc are going to be encrypted first before they load. As you have it now it?s very slow and sorry, people won?t wait.

 

If you have made any changes anywhere other than includes/configure.php  and admin/ includes/configure.php change them back to the original settings.

 

Note: Make sure you have No empty spaces before <?php at the op of the page and after /> at the bottom, php dont like empty spaces at the beginning or end of a page

 

Your configure files should be something like this:

includes/configure.php

 

 
<?php
/*
?$Id: configure.php,v 1.14 2003/07/09 01:15:48 hpdl Exp $

?osCommerce, Open Source E-Commerce Solutions
?http://www.oscommerce.com

?Copyright (c) 2003 osCommerce

?Released under the GNU General Public License
*/

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
?define('HTTP_SERVER', 'http://www.janicemccartydesign.com'); // eg, http://localhost - should not be empty for productive servers
?define('HTTPS_SERVER', 'https://www.janicemccartydesign.com'); // eg, https://localhost - should not be empty for productive servers
?define('ENABLE_SSL', true); // secure webserver for checkout procedure?
?define('HTTP_COOKIE_DOMAIN', 'www.janicemccartydesign.com');
?define('HTTPS_COOKIE_DOMAIN', 'www.janicemccartydesign.com');
?define('HTTP_COOKIE_PATH', ''www.janicemccartydesign.com'/');
?define('HTTPS_COOKIE_PATH', ''www.janicemccartydesign.com'/');
?define('DIR_WS_HTTP_CATALOG', '/catalog/');
?define('DIR_WS_HTTPS_CATALOG', '/catalog/');
?define('DIR_WS_IMAGES', 'images/');
?define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
?define('DIR_WS_INCLUDES', 'includes/');
?define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
?define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
?define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
?define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
?define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

?define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
?define('DIR_FS_CATALOG', dirname($HTTP_SERVER_VARS['SCRIPT_FILENAME']));
?define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
?define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

// define our database connection
?define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers
?define('DB_SERVER_USERNAME', 'xxxxxxxxxxxx');
?define('DB_SERVER_PASSWORD', 'xxxxxxxxxxxxxx');
?define('DB_DATABASE', 'siamsave_osc1');
?define('USE_PCONNECT', 'false'); // use persistent connections?
?define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'
?>

 

and your

admin/ includes/configure.php

 

<?php
/*
?$Id: configure.php,v 1.14 2003/02/21 16:55:24 dgw_ Exp $

?osCommerce, Open Source E-Commerce Solutions
?http://www.oscommerce.com

?Copyright (c) 2002 osCommerce

?Released under the GNU General Public License
*/

// define our webserver variables
// FS = Filesystem (physical)
// WS = Webserver (virtual)
?define('HTTP_SERVER','http://www.janicemccartydesign.com'); // eg, http://localhost or - https://localhost should not be NULL for productive servers
?define('HTTP_CATALOG_SERVER', 'http://www.janicemccartydesign.com/catalog');
?define('HTTPS_CATALOG_SERVER', 'http://www.janicemccartydesign.com/catalog');
?define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module
?define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT); // where your pages are located on the server. if $DOCUMENT_ROOT doesnt suit you, replace with your local path. (eg, /usr/local/apache/htdocs)
?define('DIR_WS_ADMIN', '/catalog/admin/');
?define('DIR_FS_ADMIN', DIR_FS_DOCUMENT_ROOT . DIR_WS_ADMIN);
?define('DIR_WS_CATALOG', '/catalog/admin/');
?define('DIR_FS_CATALOG', DIR_FS_DOCUMENT_ROOT . DIR_WS_CATALOG);
?define('DIR_WS_IMAGES', 'images/');
?define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
?define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');
?define('DIR_WS_INCLUDES', 'includes/');
?define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
?define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
?define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
?define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
?define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
?define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');
?define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');
?define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');
?define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');
?define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

// define our database connection
?define('DB_SERVER', 'localhost');
?define('DB_SERVER_USERNAME', 'xxxxxxxxxxxxxx');
?define('DB_SERVER_PASSWORD', 'xxxxxxxxxxxxxx');
?define('DB_DATABASE', 'siamsave_osc1');
?define('USE_PCONNECT', 'false');
?define('STORE_SESSIONS', 'mysql');
// leave empty '' for default handler or set to 'mysql'
?>

 

Hi Janice,

 

Michelle again.

 

Just a couple of things.

 

1) I think you should set your images back to the original settings as yours at the size they are loading, are pushing everything to the right and making everything go off screen. If you want why dont you put a link on the photo to view enlarged image in a pop up window same as product_info.php page

 

2) Your opening page @ http://www.janicemccartydesign.com opens fine but I would suggest putting the menu rail that you have at the bottom at the very top (above everything else) as well, that way people don't have to search for links also you have spelt Shop On Line as SHOP ONLILNE maybe you'll want to correct?

 

3) The Please click here! Link on your One of a Kind page goes to https and check the 3 right links on your bottom menu rail.

 

Kind Regards,

Michelle.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...