SSL Where should I install

[Guest]

Hi,

 

I am new to PHP and want to install ssl on my os shop. my hosting company wants to install on the whole site????

 

This does not seem correct to me as my old webite not PHP had a non secure for product pages and secure ssl for the order and members pages.

 

Does the person at my hosting company have a clue what they are doing???

 

Is this ok rto do this???

 

Will it slow down the site???

 

And will I get the disply secure and non-secure items problem and have to change a lot of image url files in my site????

 

Can anyone help???

 

Many Thanks

 

 

Julian

[ozcsys]

You will find this is better. You really should not need to have a seperate folder for your secure pages as osC will automatically use ssl for the secure pages. All you need to do is set ssl to true in your configure.php files and make sure your https defines are correct and you will find that when the customer is checking out or entering personal info he will go to secure and when no personal info is involved he will be on non secure pages.

[cowlesj]

.... All you need to do is set ssl to true in  your configure.php files and make sure your https defines are correct .....

<{POST_SNAPBACK}>

 

we've found the following works in the catalog/includes/configure.php file:

 

THhs assumes that your hosting set up includes an SSL directory on the same server at the same level as public_html (or equivalent). The only files in here should be the key and certificate related stuff.

 

in configure.php make your define look like this:

 

  define('HTTPS_SERVER', 'https://www.mydomain.com/~acme');

 

where ~acme is the root directory of your hosting area as defined by your hosting company. The tilde is the bit that does the magic. A simple explanation is that it routes the https:// call through the security stuff and out into the normal directories where your code files are.

 

The SSL directory will typically be above the public_html directory.

Do not put anything in it.

[♥Vger]

define('HTTPS_SERVER', 'https://www.mydomain.com/~acme');

 

That would be the path for an install into a directory called 'acme' above the root of the domain itself. I would recommend anyone installing a full ssl cert to make use of the root directory for their osCommerce site, and not to mess about with redirects, either .htaccess of meta in order for someone to go directly to their osCommerce store.

 

In my experience the tilde is only of value when used with a shared ssl, as in https://servername.hostcompany.com/~yourdomain or ~your ssl folder

 

Vger

[FixItPete]

That would be the path for an install into a directory called 'acme' above the root of the domain itself.  I would recommend anyone installing a full ssl cert to make use of the root directory for their osCommerce site, and not to mess about with redirects, either .htaccess of meta in order for someone to go directly to their osCommerce store.

 

In my experience the tilde is only of value when used with a shared ssl, as in https://servername.hostcompany.com/~yourdomain or ~your ssl folder

 

Vger

<{POST_SNAPBACK}>

 

Vger (or anyone else)...

 

Could you explain this to me?

 

I have a full SSL cert that is @ /usr/wwws/users/name on my server (shared server)

 

When I go to https://www.domain.com is see a dir with my cgi-bin...

 

When I go to "checkout" on my store I get a "Page Not Found"

 

I did not get any errors or have any problems with my installation. In addition, when I go to my Admin screen it shows that I am NOT connected via SSL.

 

What have I done wrong?

 

Thanks,

Pete