theDruid Posted November 19, 2004 Posted November 19, 2004 Hi, I've got my host's shared SSL set up successfully for the 'customer side' of my osCommerce set-up, but I'm struggling with getting the admin side onto SSL. I already have the directory protected, but I would like to make use of the SSL too. My admin/includes/configure.php file looks like: define('HTTP_SERVER', 'http://domain.co.uk'); define('HTTP_CATALOG_SERVER', 'http://domain.co.uk'); define('HTTPS_CATALOG_SERVER', 'https://securehost.myhosts.net/~domain'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT); // where your pages are located on the server. if $DOCUMENT_ROOT doesnt suit you, replace with your local path. (eg, /usr/local/apache/htdocs) define('DIR_WS_ADMIN', '/shop/admin/'); define('DIR_FS_ADMIN', DIR_FS_DOCUMENT_ROOT . DIR_WS_ADMIN); define('DIR_WS_CATALOG', '/shop/'); define('DIR_FS_CATALOG', DIR_FS_DOCUMENT_ROOT . DIR_WS_CATALOG); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); These are pretty much the same settings that have got it working on the shop front. The admin section does not seem to be using SSL though. Have I missed something? thanks in advance, theDruid.
ozcsys Posted November 19, 2004 Posted November 19, 2004 The admin is not set up for the automatice ssl like the catalog section. If you want to use ssl for your admin you need to change your define('HTTP_SERVER' to your secure settings, in your case your shared ssl path. The Knowledge Base is a wonderful thing. Do you have a problem? Have you checked out Common Problems? There are many very useful osC Contributions Are you having trouble with a installed contribution? Have you checked out the support thread found Here BACKUP BACKUP BACKUP!!! You did backup, right??
theDruid Posted November 19, 2004 Author Posted November 19, 2004 Brilliant - thanks for that mate; it worked straight away. cheers, theDruid.
ozcsys Posted November 19, 2004 Posted November 19, 2004 Brilliant - thanks for that mate; it worked straight away. cheers, theDruid. <{POST_SNAPBACK}> No Problem, good luck with your store. The Knowledge Base is a wonderful thing. Do you have a problem? Have you checked out Common Problems? There are many very useful osC Contributions Are you having trouble with a installed contribution? Have you checked out the support thread found Here BACKUP BACKUP BACKUP!!! You did backup, right??
theDruid Posted November 19, 2004 Author Posted November 19, 2004 Hello again - the admin section is now using HTTPS - which is great - but I'm now getting an error from osCommerce about the images directory not exisiting: Error: Catalog images directory does not exist: /home/secure/public_html/shop/images/ ..does this mean I have to change some more of the definitions in my config.php file? (the only thing I've changed from above is the define('HTTP_SERVER', 'https://s....' as per Richard's advice.) I'm not 100% clear actually on how the shared SSL set up works - is all the stuff in the secure path just a mirror of the unsecure content? I imagine they're actually the same files, just accessed via different protocols and therefore different paths? So if new stock is uploaded, and the admin section saves new images into the images directory accessed via SSL, the images willstill be accessible via non-secure means? any clarification much appreciated! cheers, theDruid.
TCwho Posted November 19, 2004 Posted November 19, 2004 ^_^ Hmmm....I was just about to post this same question concerning SSL in Admin Console.... ...glad I did a search first :P Drop_Shadow How Did You Hear About Us Email HTML Order Link ---- GMT -5:00
♥Vger Posted November 19, 2004 Posted November 19, 2004 Hardcode this /home/secure/public_html/shop/images/ to your shared ssl address + shop + images. Vger
almost zen Posted November 22, 2004 Posted November 22, 2004 Good stuff - I had the same question and have now fixed it with advice above. One more nitpicky thing: All my admin console pages are now SSL protected, but my admin/index.php page starts off as non-SSL (when the folder permissions password is being sent). Is there any way to set the SSL to kick in before the admin login/password is sent? After all, if we're going to secure this thing might as well make it watertight right?:ph34r: thanks,
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.