Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Certificate question


robguay

Recommended Posts

Security_Alert.png

 

After speaking to "Starfield Technologies" my certificate peps, they informed me that my customers are getting this Alert because they are passed to a link or address that does not begin with "www"

 

ie https://www.feedroller.com/Store/login.php (Good to go)

https://feedroller.com/Store/login.php (Alert pop up)

 

Our cert is written to "www.feedroller.com", not to "feedroller.com"

 

I did take a look at my configure.php to see where the global variables HTTP_SERVER & HTTPS_SERVER they are both pointing. They are set to www.feedroller.com

 

Help Please: Where in the store is it pulling the "www" off the address?

Link to comment
Share on other sites

Firstly, you have two configure.php files, one for 'admin' and one for the store front. Make sure that for https_server it says https://www.yourdomain.com in the includes/configure.php file.

 

Make sure that your https cookie domain is set to www.yourdomain.com

 

If that's not it then check to see if you have another configure.php file in a folder called 'local' in the includes folder. If you do then delete it.

 

Other than that there is no reason why anyone should be accessing any of the https pages via https:// instead of https://www.

 

Vger

Link to comment
Share on other sites

Firstly, you have two configure.php files, one for 'admin' and one for the store front.  Make sure that for https_server it says https://www.yourdomain.com in the includes/configure.php file.

 

Make sure that your https cookie domain is set to www.yourdomain.com

 

If that's not it then check to see if you have another configure.php file in a folder called 'local' in the includes folder.  If you do then delete it.

 

Other than that there is no reason why anyone should be accessing any of the https pages via https:// instead of https://www.

 

Vger

 

 

my configure.php in the store (include/configure.php)

define('HTTP_SERVER', 'http://www.feedroller.com');

define('HTTPS_SERVER', 'https://www.feedroller.com');

define('ENABLE_SSL', true);

 

my configure.php admin (admin/include/configure.php)

define('HTTP_SERVER', 'http://www.feedroller.com');

define('HTTP_CATALOG_SERVER', 'http://www.feedroller.com');

define('HTTPS_CATALOG_SERVER', 'https://www.feedroller.com');

define('ENABLE_SSL_CATALOG', 'true');

 

my configure.php other (archive/extras/win32)

define('HTTP_SERVER', 'http://localhost');

define('HTTPS_SERVER', 'https://localhost');

define('ENABLE_SSL', 0);

 

No configure.php in any of the "local" folder.

 

Sorry not sure at this point!

 

Thanks a million for the help!

Link to comment
Share on other sites

You don't need the other configure.php file in the archive folder. Try deleting it and see if that helps. Your site shouldn't be referencing that file, but your other configure.php files appear to be set up correctly, so at this point anything is worth a try.

 

Vger

Link to comment
Share on other sites

You don't need the other configure.php file in the archive folder.  Try deleting it and see if that helps.  Your site shouldn't be referencing that file, but your other configure.php files appear to be set up correctly, so at this point anything is worth a try.

 

Vger

 

 

Thanks I will give it a try.

 

Will keep you posted on the success!

 

Thanks again! :thumbsup:

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...