Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SSL configuration


mels

Recommended Posts

I wanted to make my checkout secure on my oscommerce store is it just a matter of changing the configure.php file?

for example...

this line of text...

 

define('ENABLE_SSL', false); // secure webserver for checkout procedure?

 

by changing it to true instead of false?

 

thank - you Mels

Link to comment
Share on other sites

No. You have to have either a full ssl certificate or a shared ssl certificate to be able to use this facility. File pathways will be different according to which type of certificate you use. e.g.

 

shared (something like) https://servername.hostcompany.com/yourdomain.com

 

full (exactly like)

https://www.yourdomain.com

 

Vger

Link to comment
Share on other sites

No.  You have to have either a full ssl certificate or a shared ssl certificate to be able to use this facility.  File pathways will be different according to which type of certificate you use.  e.g.

 

shared (something like) https://servername.hostcompany.com/yourdomain.com

 

full (exactly like)

https://www.yourdomain.com

 

Vger

 

 

I too have just gotten my ssl installed, and configured my config file. On the catalog side all seems to be working (it goes ssl on loging, checkout, etc..) but on the admin side it still says I am not protected by ssl...does anyone know what I need to do to fix this?

 

Thank

RavenWulf

Link to comment
Share on other sites

now you change the SSL values in configure.php from false to true.

 

poke around a bit in configure.php. It's more intuitive than you might think.

 

-jared

Link to comment
Share on other sites

now you change the SSL values in configure.php from false to true.

 

poke around a bit in configure.php.  It's more intuitive than you might think.

 

-jared

 

 

Thanks for the quick reply,

 

I have already changed the define statements in both configure files for the enable-ssl from false to true.

 

the only false statements left in each file are for use pcconnect.

 

any other ideas?

 

Thanks

RW

Link to comment
Share on other sites

mels is asking how to SSL-enable his shopping cart.

 

ravenwulf is asking how to SSL-enable his admin area.

 

These are totally different questions.

 

mels, is your shopping cart now SSL-enabled?

 

ravenwulf - there are several other threads on this - - have you looked at them yet?

Link to comment
Share on other sites

mels is asking how to SSL-enable his shopping cart. 

 

ravenwulf is asking how to SSL-enable his admin area.

 

These are totally different questions.

 

mels, is your shopping cart now SSL-enabled?

 

ravenwulf - there are several other threads on this - - have you looked at them yet?

 

 

I am currently digging thru them now...boy are there alot!

 

I was hoping it was a simple little answer...I have found how to use the.htaccess file to pw my admin, and have done that. Then I figured out why whenever I did an upload to my website the pw would disappear (the upload was overwriting the .htaccess file.) and fixed that.. so now I am just on the ssl for admin.

 

RW

Link to comment
Share on other sites

mels is asking how to SSL-enable his shopping cart. 

 

ravenwulf is asking how to SSL-enable his admin area.

 

These are totally different questions.

 

mels, is your shopping cart now SSL-enabled?

 

ravenwulf - there are several other threads on this - - have you looked at them yet?

 

yes I have it ssl enabled I dont know which configure.php to change

Link to comment
Share on other sites

To put all of your osCommerce 'admin' folder under SSL, use the .htaccess file in the 'admin' folder, and add this

 

SSLRequireSSL
ErrorDocument 403 https://www.yourdomain.com/admin/

 

This pathway is for a full ssl. If you're on a shared ssl input that pathway. You should then see the padlock in your osCommerce 'admin' folder, and it should say "You are protected by an unknown ssl connection". It always says it's 'unknown' even when you're using a full ssl.

 

Vger

I am currently digging thru them now...boy are there alot!

 

I was hoping it was a simple little answer...I have found how to use the.htaccess file to pw my admin, and have done that. Then I figured out why whenever I did an upload to my website the pw would disappear (the upload was overwriting the .htaccess file.) and fixed that.. so now I am just on the ssl for admin.

 

RW

Link to comment
Share on other sites

You change both of the configure.php files. The one in catalog/includes/ and the one in catalog/admin/includes/

 

If you have a full ssl installed the address is fairly easy, it's https://www.yourdomain.com. The https cookie domain is www.yourdomain.com (same as http cookie domain).

 

Vger

ok I got the ssl installed... Could you please tell me which configure.php file to change and what I do to it.

 

Thank you Mels

Link to comment
Share on other sites

ok I am having problems still... : (

the ssl directory with the .crt file is in my root directory..

I have changed the 2 configure.php files located in store/pkg/catalogue/admin/includes and

store/pkg/catalogue/includes

 

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

and

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

 

there is still no padlock in my browser...

 

what have I done wrong? or have i missed something ?

 

Mels

Link to comment
Share on other sites

To put all of your osCommerce 'admin' folder under SSL, use the .htaccess file in the 'admin' folder, and add this

 

SSLRequireSSL
ErrorDocument 403 https://www.yourdomain.com/admin/

 

This pathway is for a full ssl.  If you're on a shared ssl input that pathway.  You should then see the padlock in your osCommerce 'admin' folder, and it should say "You are protected by an unknown ssl connection".  It always says it's 'unknown' even when you're using a full ssl.

 

Vger

 

Vger,

 

thank you for the info. is there anywhere special I need to put this code in the .htaccess file? I tried adding it to the end and that did not seem to work.

 

also you have stated in other areas (threads) that we also need to set both the http, and https paths in the admin/includes/config.php file. Do we also set the http catalog server path to https?

 

Thank you for your help on this

 

RavenWulf

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...