timisnumber9 Posted November 24, 2004 Posted November 24, 2004 Hi, I was using shared SSL but since then have changed to ge my own SSL certificate as I didnt want the user to be prompted with the security alert pop up when they tried to enter the SSL part of the site. my SSL certificate works fine and swithces between SSL and non SSL mode perfectly it is just the error message that i want to get rid of! It is something like: SECURITY ALERT! ! The security certificate was issued by a company you have chosen not to trust. View the certificate to determine wether you want to trust the certificate authority. there are also two other statements on this alert but they are ticked as fine it is just the first one as shown above that is the problem. Can this be removed some how? Is there a way arond this alert as it doesnt look too good! The security certificate was issued as mydomain.com and not www.mydomain.com is this an issue? Please help. Cheers, Tim
Guest Posted November 24, 2004 Posted November 24, 2004 You just answered your own question. The security certificate was issued as mydomain.com and not www.mydomain.com is this an issue? You will have to make sure your url's in the configure.php files don't have the www and the error should go away
♥Vger Posted November 24, 2004 Posted November 24, 2004 It would be interesting to know what domain pathway is shown if you click to view the details of the certificate? 'Trusted' sites are, by default https sites, so I am wondering if your configure.php files are set to https for ssl. Other than that - a few things you can try. 1. See if your ssl provider will re-issue the certificate as www.yourdomain.com. Some will reissue for free within a certain period of time. But this would mean reinstalling. 2. Make sure that your https pathways are set to https://yourdomain.com, and not https://www.yourdomain.com in your two configure.php files. See if this helps - if not - repost. Vger
timisnumber9 Posted November 24, 2004 Author Posted November 24, 2004 I have checked the 2 configure files and they are both set to the correct https://mydomain.com and not the incorrect https://www.mydomain.com The two bottom statements of are tick and are shown to be ok they are: (tick) - The security certificate date is valid (tick) - The security certificate has a valid name matching the name of the site you are trying to view. It is just the top warning that is at fault i beleive - ! The security certificate was issued by a company you have chosen not to trust. View the certificate to determine wether you want to trust the certificate authority. What do you think? Is there are default list of SSL providers that are built into web browsers? Perhaps the company that issued my SSL cert isnt part of this list? check the error out by clicking on "my account" hen you go to the shopfront: http://www.scentalicious.com/catalog Cheers, Tim.
Guest Posted November 24, 2004 Posted November 24, 2004 the top error is because of the security setting you have on your own browser, thus if you want it to go away, add your site into the trusted site zones
timisnumber9 Posted November 24, 2004 Author Posted November 24, 2004 Yes i did add the site to the trusted zones and i guess that all people that view the site could do the same. I have viewed a few other oscommerce sites and i havent had the issue of this pop up and so i havent had to add the sites to my trusted list. This is what i want as i think it looks a lot more professional without the pop up. any ides? Cheers, Tim
Guest Posted November 24, 2004 Posted November 24, 2004 where did you get your cert from? internet explorer says 'This certificate cannot be verified up to a trusted certification authority' thus ipsCA CLASEA1 Certification Authority may not be a good one?
timisnumber9 Posted November 24, 2004 Author Posted November 24, 2004 Hmmmm.....yeah i thought about that! ISPCA was the name of the company.... Might need to get a CERT from a more reputable vendor! Doh! >_< Cheers, Tim
Guest Posted November 24, 2004 Posted November 24, 2004 Great, a link helps.. Yes, I'm getting that error as well... problem with the certificate I think
awisdoms Posted November 24, 2004 Posted November 24, 2004 timisnumber9, hi. Sorry I can't help with your problem (I'm still learning all this)... I was however wondering if you could help me with a little something, as it seems you've conquered it. As far as installing the SSL certificates, how do you go about doing that? I mean, I (finally!!) found my way into the includes/configure.php file, but DON'T know exactly WHAT to change. And, as far as changing goes, is there *another* page I should be editing? Where do I even begin? What I'm trying to do is get my site secured. I'm not sure if what I need to be doing here is securing my checkout page (though, I've seen twelve of those in variation in my files -- not sure which one!), or securing my -entire- site. I realize everything I've said here is jumbled, but like I said, I'm learning. Could you offer any advice, or help, as far as where or how to start? Hi, I was using shared SSL but since then have changed to ge my own SSL certificate as I didnt want the user to be prompted with the security alert pop up when they tried to enter the SSL part of the site. my SSL certificate works fine and swithces between SSL and non SSL mode perfectly it is just the error message that i want to get rid of! It is something like: SECURITY ALERT! ! The security certificate was issued by a company you have chosen not to trust. View the certificate to determine wether you want to trust the certificate authority. there are also two other statements on this alert but they are ticked as fine it is just the first one as shown above that is the problem. Can this be removed some how? Is there a way arond this alert as it doesnt look too good! The security certificate was issued as mydomain.com and not www.mydomain.com is this an issue? Please help. Cheers, Tim <{POST_SNAPBACK}>
♥Vger Posted November 24, 2004 Posted November 24, 2004 Yes, I think you've hit the nail on the head. There is a list in your computer, in the trusted root store I think, that has a list of companies who issue ssl's, and if the company you bought yours off isn't in there then you'll get that warning. I purchase GeoTrust Express SSL for my customers, and I've never had any problems with them - and they cost less than $50 a year! Vger Hmmmm.....yeah i thought about that! ISPCA was the name of the company.... Might need to get a CERT from a more reputable vendor! Doh! >_< Cheers, Tim <{POST_SNAPBACK}>
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.