Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

The SSL In OsCommerce Guide For The Innocent


Simplyeasier

Recommended Posts

  • Replies 401
  • Created
  • Last Reply
Been there , done that , got the t-shirt , still no joy in admin :blink:

 

 

Well, that reply gives no useful info as to what your problem is... I gave you the correct procedure for a properly installed SSL - if it doesn't work, talk with your host.

 

Matti

Link to comment
Share on other sites

My SSL works fine in the catalog area , but not in ADMIN ??

 

I've read this thread , searched , posted , but had no joy yet.

 

I've run the script posted by alanR , the mynev one , ran it on the https and http and eventually got the result of "443" , so i put that in catalog/includes/application_top.php ..... checked all the other files mentioned, but no joy in scuring the admin area.

 

I log into admin on HTTPS , get the padlock and the "you are protected by an unknown .....blah , blah" then when i enter any admin section other than the first screen i'm back to non-secure ????

any help

 

 

Sorry johnson , i posted it earlier , i thought you'd read it when you replied.

 

 

Spoke to my host it was an ID10T error :-"

 

 

Thanks :D

Link to comment
Share on other sites

Hi all,

 

I hope some-one can help me...

 

I'm trying to install an SSL cert from Godaddy on my site, but I just cant get it working :o/

 

Below is my code in includes/configure.php

 

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
 define('HTTP_SERVER', 'http://www.smallcraft.be'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'https://smallcraft.be'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', true); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'www.smallcraft.be');
 define('HTTPS_COOKIE_DOMAIN', 'smallcraft.be');
 define('HTTP_COOKIE_PATH', '/');
 define('HTTPS_COOKIE_PATH', '/');
 define('DIR_WS_HTTP_CATALOG', '/');
 define('DIR_WS_HTTPS_CATALOG', '/');
 define('DIR_WS_IMAGES', 'images/'); 
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

Any help please?

 

Thanks

Best regards

 

Geeraard

Link to comment
Share on other sites

I mentioned this in passing in a previous thread but I'll post it here to make it more clear.

 

If you need to make a change to application_top.php for a shared or dedicated ssl which does not return on for the (getenv('HTTPS') query you really should make one additional change in /includes/functions/general.php.

 

Here's the code, you can see I've tweaked it for a 1and1 server but you should able to figure out how to adapt this to your own needs if you understood my previous fix for application_top.php.

 

//	if ( (ENABLE_SSL == true) && (getenv('HTTPS') == 'on') ) { // We are loading an SSL page
  if ( (ENABLE_SSL == true) && ($request_type == 'SSL') && (getenv('HTTP_X_FORWARDED_HOST') == 'ssl.perfora.net') )   { // This is for a shared 1&1 setup
  if (substr($url, 0, strlen(HTTP_SERVER)) == HTTP_SERVER) { // NONSSL url
	$url = HTTPS_SERVER . substr($url, strlen(HTTP_SERVER)); // Change it to SSL
  }
}

 

Lots of installations work just fine without this correction but if you look at it you'll see that it makes sense to make it. The people who caught the problem were noticing secure -> non secure pop up warnings when they weren't expected. I think it may also cause other problems but I don't have any clear reports.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

Hi all,

 

I hope some-one can help me...

 

I'm trying to install an SSL cert from Godaddy on my site, but I just cant get it working :o/

 

Below is my code in includes/configure.php

 

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
 define('HTTP_SERVER', 'http://www.smallcraft.be'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'https://smallcraft.be'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', true); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'www.smallcraft.be');
 define('HTTPS_COOKIE_DOMAIN', 'smallcraft.be');
 define('HTTP_COOKIE_PATH', '/');
 define('HTTPS_COOKIE_PATH', '/');
 define('DIR_WS_HTTP_CATALOG', '/');
 define('DIR_WS_HTTPS_CATALOG', '/');
 define('DIR_WS_IMAGES', 'images/'); 
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

Any help please?

 

Thanks

Best regards

 

Geeraard

 

Hi all,

 

I realy don't know how to go from here.

 

Either way I try to make this work, it just doesn't... :(

 

Either I receive the 404 errors, or I get first the statement that the Cert is not from my site (It then seems to be the cert from my server???)

 

For instance, I create the code for https://smallcraft.be

I get the 404 page, then when I click on the https://smallcraft.be link on the error page, I'm transferred to my server's site. :blink:

 

Or even more simple: type in this url: https://smallcraft.be and you are transferred to my server's homepage???? :x

 

I tried to use the myenv.php contrib from AlanR but again I get the 404 page :/

 

I am a complete newbe on SSL and cannot figure out why the programme is doing this.

 

I have a cPanel interface on the server on which I installed two certs from GoDaddy: the web server cert and the intermediate cert.

The cert was issued to smallcraft.be and not to www.smallcraft.be

 

With the above info, does some-one have Ideas on how to solve this problem?

 

Thanks in advance!

Best regards

 

Geeraard

Link to comment
Share on other sites

Has anyone run into these problems? I have read and read but can't seem to find anything.

 

My catalog/includes/config.php file won't save my settings for some reason. I put in "www." for https server and "true" for enable_ssl and it won't stick.

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://mydomain.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://mydomain.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', false); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'mydomain.com');

define('HTTPS_COOKIE_DOMAIN', 'mydomain.com');

define('HTTP_COOKIE_PATH', '/store/');

define('HTTPS_COOKIE_PATH', '/store/');

define('DIR_WS_HTTP_CATALOG', '/store/');

define('DIR_WS_HTTPS_CATALOG', '/store/');

Link to comment
Share on other sites

Alright, if I keep at this long enough I will answer all my own questions.

 

Ok, got the site the way I want it. The only problem that I have now is when I go to "checkout", non of the graphics appear.

 

Any ideas? (This is all I have left on a live site!)

 

Thanks,

Mark

Link to comment
Share on other sites

Create a little file, I named it myenv.php, with these lines:

 

<?php
 echo 'HTTP HOST: ' . "$HTTP_HOST";
 echo '<br>Server Port: ' . getenv('SERVER_PORT');
 echo '<br>SSL Status: ' . getenv('HTTPS');
 echo '<br>Fowarded Server: ' . getenv('HTTP_X_FORWARDED_SERVER');
 echo '<br>Fowarded Host: ' . getenv('HTTP_X_FORWARDED_HOST');
 echo '<br>Fowarded By: ' . getenv('HTTP_X_FORWARDED_BY');
?>

 

If you put that somewhere on the server, probably root and run it like so:

 

https://ssl.shared.com/mydomain.com/myenv.php you'll be able to see how the server responds to these queries. You'll need to change this to fit your situation but you get the idea.

 

 

I am trying to use this tip for fixing my SSL problem.

 

I don't get the meaning here: https://ssl.shared.com/mydomain.com/myenv.php

 

I don't know what should mine be in this case... is anyone can help me to figure it out???

 

FYI: my SSL is provided by starfieldtech.com

Wanwan -- %_%_

Link to comment
Share on other sites

I am trying to use this tip for fixing my SSL problem.

 

I don't get the meaning here: https://ssl.shared.com/mydomain.com/myenv.php

 

I don't know what should mine be in this case... is anyone can help me to figure it out???

 

FYI: my SSL is provided by starfieldtech.com

So you've got a dedicated ssl and your site urls are (say):

 

http://www.wanwan.com

and

https://www.wanwan.com

 

So you run the script as

 

http://www.wanwan.com/myenv.php

and

https://www.wanwan.com/myenv.php

 

and look at the difference in responses between the two. Simpler than you thought, right?

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

When I run the php file to check my settings, my output is as follows:

 

$HTTP_HOST = theparentingcoach.com.customers.tigertech.net

$HTTPS_HOST =

getenv('SERVER_PORT') = 80

getenv('HTTPS') =

getenv('HTTP_X_FORWARDED_SERVER') = www.tigertech.net

getenv('HTTP_X_FORWARDED_HOST') = www.tigertech.net

getenv('HTTP_X_FORWARDED_BY') =

$_SERVER['HTTPS'] =

getenv('DOCUMENT_ROOT') = /var/www/html/th/theparentingcoach.com

$DOCUMENT_ROOT = /var/www/html/th/theparentingcoach.com

 

I do have a lock at the bottom when running this file (https://www.tigertech.net/ssl/theparentingcoach.com/test.php) but the info for HTTPS lines is missing. I think something is wrong - what am I missing here?

Link to comment
Share on other sites

When I run the php file to check my settings, my output is as follows:

I do have a lock at the bottom when running this file (https://www.tigertech.net/ssl/theparentingcoach.com/test.php) but the info for HTTPS lines is missing. I think something is wrong - what am I missing here?

$HTTP_HOST = theparentingcoach.com.customers.tigertech.net

$HTTPS_HOST =

getenv('SERVER_PORT') = 80

getenv('HTTPS') =

getenv('HTTP_X_FORWARDED_SERVER') = www.tigertech.net

getenv('HTTP_X_FORWARDED_HOST') = www.tigertech.net

getenv('HTTP_X_FORWARDED_BY') =

$_SERVER['HTTPS'] =

getenv('DOCUMENT_ROOT') = /var/www/html/th/theparentingcoach.com

$DOCUMENT_ROOT = /var/www/html/th/theparentingcoach.com

 

Set line 41 line as below (I'm commenting out the original line for reference).

 

// $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

$request_type = (getenv('HTTP_X_FORWARDED_HOST') == 'www.tigertech.net') ? 'SSL' : 'NONSSL';

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

Set line 41 line as below (I'm commenting out the original line for reference).

 

// $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

$request_type = (getenv('HTTP_X_FORWARDED_HOST') == 'www.tigertech.net') ? 'SSL' : 'NONSSL';

Perfection - thank you!

Link to comment
Share on other sites

Hi,

 

My client just signed up for a tracking system. I've added the code to index.php just before the </body> tag.

 

When returning to index.php from the secure pages I get a page contains insecure items message. I think I need to add a 'NONSSL' to the links in my header/footer/column left that link to index.php. What should this code look like exactly?

Link to comment
Share on other sites

Hi,

 

My client just signed up for a tracking system. I've added the code to index.php just before the </body> tag.

 

When returning to index.php from the secure pages I get a page contains insecure items message. I think I need to add a 'NONSSL' to the links in my header/footer/column left that link to index.php. What should this code look like exactly?

I can't find out why this is still triggering I've added the nonssl code to every place I have a link to index.php

 

Here is my site - Binders by the Box

Link to comment
Share on other sites

hello alan my catalog side is working properly. but the admin shows "you are not protected...." at first page.

next when i click on modules-->payments link a page opens with the pad lock , but no payment methods are there. the list is empty. when i go to "tools" link , it gives error "backups directory is not created.."

still the padlock is there.

 

here is my configure.php:

 

define('HTTP_SERVER', 'http://www.bathroomsupplies.co.uk'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://ss63.shared.server-system.net/~bathroomsupplies.co.uk/'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', 'true'); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.bathroomsupplies.co.uk');

define('HTTPS_COOKIE_DOMAIN', 'ss63.shared.server-system.net/~bathroomsupplies.co.uk/');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

 

AND here is adminn/icludes/configure.php (i named the "admin" as "adminn" don't wory it's right)

define('HTTP_SERVER', 'https://ss63.shared.server-system.net/~bathroomsupplies.co.uk/'); // eg, http://localhost or - https://localhost should not be NULL for productive servers

define('HTTP_CATALOG_SERVER', 'http://www.bathroomsupplies.co.uk');

define('HTTPS_CATALOG_SERVER', 'https://ss63.shared.server-system.net/~bathroomsupplies.co.uk/');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT); // where your pages are located on the server. if $DOCUMENT_ROOT doesnt suit you, replace with your local path. (eg, /usr/local/apache/htdocs)

 

define('DIR_WS_ADMIN', 'adminn/');

define('DIR_FS_ADMIN', DIR_FS_DOCUMENT_ROOT . DIR_WS_ADMIN);

define('DIR_WS_CATALOG', '/');

define('DIR_FS_CATALOG', DIR_FS_DOCUMENT_ROOT . DIR_WS_CATALOG);

 

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');

define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');

define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

 

 

And when i runs https://ss63.shared.server-system.net/~bath...co.uk/myenv.php

the answer is:

HTTP HOST: ss63.shared.server-system.net

Server Port: 443

SSL Status: on

Fowarded Server:

Fowarded Host:

Fowarded By:

 

And when i runs http://ss63.shared.server-system.net/~bath...co.uk/myenv.php

the answer is:

HTTP HOST: ss63.shared.server-system.net

Server Port: 80

SSL Status:

Fowarded Server:

Fowarded Host:

Fowarded By:

 

my line 41 is:

========

$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

 

can you help me.

please help me

>_<

Link to comment
Share on other sites

Hi...

 

I'm having a big problem with a SSL cert that I just installed on this site. The site address is http://www.Burnnetworks.com. The SSL cert is issued to www.Burnnetworks.com. For some reason, I cant view the main part of the site in Internet Explorer at all.. No matter what computer I go to, IE will not show the site. I usually get a "Page Cannot Be Displayed" error. I can view the site in Firefox just fine!

 

Here is my /includes/configure.php

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
 define('HTTP_SERVER', 'http://www.burnnetworks.com'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'https://www.burnnetworks.com'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL',true); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'www.burnnetworks.com');
 define('HTTPS_COOKIE_DOMAIN', 'www.burnnetworks.com');
 define('HTTP_COOKIE_PATH', '/');
 define('HTTPS_COOKIE_PATH', '/');
 define('DIR_WS_HTTP_CATALOG', '/');
 define('DIR_WS_HTTPS_CATALOG', '/');

 

Here is my /admin/includes/configure.php

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
 define('HTTP_SERVER', 'http://www.burnnetworks.com'); // eg, http://localhost - should not be empty for productive servers
 define('HTTP_CATALOG_SERVER', 'http://www.burnnetworks.com');
 define('HTTPS_CATALOG_SERVER', 'https://www.burnnetworks.com');
 define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

 

OSCommerce is installed in the root of the site.

 

This only started to happen once I installed the SSL cert onto the site. Any help anyone can give on this is GREATLY appreciated! :)

Link to comment
Share on other sites

Hello peeps.

 

I've done all the suggestions, and checked net. But after 3 hours on working with this, I think it's best to ask for ur'z help pweeeeasseee :)

 

I have managed to get the myenv file working, and when I go to that page I do see a padlock. I have managed to get the main admin page to show padlock. But in the box it still says not protected by ssl. When I click other pages, it goes back to the standard HTTP url.

 

Though I am not to concerned with the admin section being SSL, as I have that secure. I am more concerned with getting SSL working in store to protect our customers when ordering. What I have found is when I goto checkout, etc... the url goes to HTTPS - all good there. Just the padlock doesn't show. If I press F5 to refresh the page - I get padlock for couple of sec's, as soon as page loads, the lock isn't there anymore :(

 

Here is what I get when I run the myenv.php file:

$HTTP_HOST = moon-head.com

$HTTPS_HOST =

getenv('SERVER_PORT') = 80

getenv('HTTPS') =

getenv('HTTP_X_FORWARDED_SERVER') = sslrelay.com

getenv('HTTP_X_FORWARDED_HOST') = sslrelay.com

getenv('HTTP_X_FORWARDED_BY') = United Internet SSL Proxy

$_SERVER['HTTPS'] =

getenv('DOCUMENT_ROOT') = /kunden/homepages/23/d125201020/htdocs/eStore/SexToySuperstore

$DOCUMENT_ROOT = /kunden/homepages/23/d125201020/htdocs/eStore/SexToySuperstore

 

I tried changing the ***_COOKIE_PATH sections, but when I do that, the site looses it's nice layout. So i've kept it like that :D.

 

My configure.php file:

define('HTTP_SERVER', 'http://www.moon-head.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://sslrelay.com/moon-head.com/'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.moon-head.com');

define('HTTPS_COOKIE_DOMAIN', 'https://sslrelay.com/moon-head.com/');

define('HTTP_COOKIE_PATH', '');

define('HTTPS_COOKIE_PATH', '');

define('DIR_WS_HTTP_CATALOG', '');

define('DIR_WS_HTTPS_CATALOG', '');

define('DIR_WS_IMAGES', 'images/');

 

And finaly here is my application_top.php file:

// set the type of request (secure or not)

// ORIGINAL $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

$request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL';

$request_type = (eregi ($HTTP_HOST, HTTPS_SERVER)) ? 'SSL' : 'NONSSL';

$request_type = (getenv('HTTP_X_FORWARDED_HOST') == 'sslrelay.com/moon-head.com') ? 'SSL' : 'NONSSL';

$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

 

All help will be greatly appreciated. Have a top festive season peeps.

Link to comment
Share on other sites

Hello peeps.

 

I've done all the suggestions, and checked net. But after 3 hours on working with this, I think it's best to ask for ur'z help pweeeeasseee :)

 

My configure.php file:

define('HTTP_SERVER', 'http://www.moon-head.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://sslrelay.com/moon-head.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.moon-head.com');

define('HTTPS_COOKIE_DOMAIN', 'https://sslrelay.com/moon-head.com/');

define('HTTP_COOKIE_PATH', '');

define('HTTPS_COOKIE_PATH', '');

define('DIR_WS_HTTP_CATALOG', '');

define('DIR_WS_HTTPS_CATALOG', '');

define('DIR_WS_IMAGES', 'images/');

 

And finaly here is my application_top.php file:

// set the type of request (secure or not)

// ORIGINAL $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

$request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL';

$request_type = (eregi ($HTTP_HOST, HTTPS_SERVER)) ? 'SSL' : 'NONSSL';

$request_type = (getenv('HTTP_X_FORWARDED_HOST') == 'sslrelay.com/moon-head.com') ? 'SSL' : 'NONSSL';

$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

 

All help will be greatly appreciated. Have a top festive season peeps.

 

This stuff is just not that complicated. Just think through it.

 

define('HTTP_SERVER', 'http://www.moon-head.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://sslrelay.com/moon-head.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.moon-head.com');

define('HTTPS_COOKIE_DOMAIN', 'sslrelay.com/moon-head.com');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_WS_IMAGES', 'images/');

 

// set the type of request (secure or not)

// ORIGINAL $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

$request_type = (getenv('HTTP_X_FORWARDED_HOST') == 'sslrelay.com') ? 'SSL' : 'NONSSL';

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

Wow maestro Alan.

 

A big big thank you to you :D :thumbsup: B) its working now . I hope you have a great Christmas and a brilliant new year. I had an idea it must be something to do with the forwarding. But you've saved me pulling out a lot of hair! :D

 

:D :D :D

Don't forget to fix /catalog/includes/functions/general.php as well.

 

// Modded below for 1&1 Shared ssl

// if ( (ENABLE_SSL == true) && (getenv('HTTPS') == 'on') ) { // We are loading an SSL page

if ( (ENABLE_SSL == true) && (getenv('HTTP_X_FORWARDED_HOST') == 'sslrelay.com') ) { // We are loading an SSL page

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

Hello all,

 

I am having problems with SSL on my site as well:

 

Catalog - The padlock is not appearing and when logged in some pages are SSL and some are not.

Admin ? I have tried in vain to SSL protect this but it just ain't happening

 

I have searched through the forums and tried the myenv.php tests (Big thanks to AlanR) - when SSL is on it returns: getenv('HTTPS') = on

- my application_top.php appears to be correctly setup for this with:

$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

 

 

 

I just don't know how to resolve this issue, any help will be most appreciated.

 

Cheers,

 

Nagsy

Link to comment
Share on other sites

Hello all,

 

I am having problems with SSL on my site as well:

 

Catalog - The padlock is not appearing and when logged in some pages are SSL and some are not.

Admin ? I have tried in vain to SSL protect this but it just ain't happening

 

Your base href isn't switching.

 

<base href="http://www.mysite.co.uk/">

 

You better post the results from myenv.php and the line from application_top.php

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...