Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Some items secure, others aren't


mattjoo

Recommended Posts

I have SSL through VeriSign and everything works great aside from the fact that on each checkout page, a little window comes up saying that some items are secure and some aren't. Do you want to display the non-secure items?

 

My question is, how do I make everything secure so the box will leave me alone?

 

 

One more question I had is, what do you have to type in a page (source code) to make it be secure? I want my admin page always to be secure but right now, it only will if I type https:// at the beginning. I see in many other pages they do a redirect to themselves or something. Is this how it is supposed to be done?

 

Thanks in advance for the help!

Link to comment
Share on other sites

I have SSL through VeriSign and everything works great aside from the fact that on each checkout page, a little window comes up saying that some items are secure and some aren't.  Do you want to display the non-secure items?

 

My question is, how do I make everything secure so the box will leave me alone?

One more question I had is, what do you have to type in a page (source code) to make it be secure?  I want my admin page always to be secure but right now, it only will if I type https:// at the beginning.  I see in many other pages they do a redirect to themselves or something.  Is this how it is supposed to be done?

 

Thanks in advance for the help!

 

go to checkout, view your source and look for all src= strings.

if you find one that has http:// behind it, that is your unsecure content.

either remove that link or make it secure.

 

 

you can permanently ssl secure your admin by setting the first line in admin/configure.php to https://

Treasurer MFC

Link to comment
Share on other sites

go to checkout, view your source and look for all src= strings.

if you find one that has http:// behind it, that is your unsecure content.

either remove that link or make it secure.

you can permanently ssl secure your admin by setting the first line in admin/configure.php to https://

 

Thanks for the reply. However, my admin still isn't secured. I noticed you said the admin/configure.php file BUT, this file doesn't exist. There is a configuration.php. The file I edited was admin/includes/configure.php which is the one I assumed you meant, and this is what I have...

 

  define('HTTP_SERVER', 'https://www.washingtongifts.com');
 define('HTTP_CATALOG_SERVER', 'http://www.washingtongifts.com');
 define('HTTPS_CATALOG_SERVER', 'https://www.washingtongifts.com');
 define('ENABLE_SSL_CATALOG', 'true');

 

Did I do the wrong file?

Link to comment
Share on other sites

You've got a potentially expensive problem here.

 

You wantd to use https://www.washingtongifts.com as your ssl address but you've registered https://washingtongifts.com with Verisign

 

Two solutions:

1. Use washingtongifts.com instead of www.washingtongifts.com as your ssl address.

2. Buy another certificate for www.washingtongifts.com

 

Personally I'd go with the first option.

 

... Maybe a third option.

3. If you really want to use www.washingtongifts.com instead of just washingtongifts.com then you might ask Verisign if you can change it at no extra cost. As far as I know, Versign is more flexible than other "low prices" competitors.

Link to comment
Share on other sites

go to checkout, view your source and look for all src= strings.

if you find one that has http:// behind it, that is your unsecure content.

either remove that link or make it secure.

you can permanently ssl secure your admin by setting the first line in admin/configure.php to https://

 

I feel silly asking this, but did you mean all the hyperlinks that have a src= string? I am having some serious trouble here.

 

Thank you again.

Link to comment
Share on other sites

I feel silly asking this, but did you mean all the hyperlinks that have a src= string?  I am having some serious trouble here.

 

Thank you again.

 

No, your images will have a src= string. If you've specified absolute paths for images you will get the ssl error you're getting.

 

Call images like this:

 

src= images/image.jpg

 

Instead of:

 

scr=http://www.yoursite.com/images/image.jpg

 

That way they will work for both http and https.

Quidquid latine dictum sit, profundum viditur.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...