Swindon_Boy Posted June 13, 2005 Posted June 13, 2005 I have an SSL certificate installed on my website and the padlock will not show. any ideas as to why? the URL is https://www.black-thong.com
Guest Posted June 13, 2005 Posted June 13, 2005 Looks like you're not configured to go ssl in your configure.php. Try posting your configure.php without the database info and someone will help.
Swindon_Boy Posted June 13, 2005 Author Posted June 13, 2005 my configure.php looks like this, any help gratefully accepted. <?php /* $Id: configure.php,v 1.14 2003/07/09 01:15:48 hpdl Exp $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright © 2003 osCommerce Released under the GNU General Public License */ // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://black-thong.com'); define('HTTPS_SERVER', 'https://black-thong.com'); define('ENABLE_SSL', false); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'http://black-thong.com'); define('HTTPS_COOKIE_DOMAIN', 'https://black-thong.com'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); define('DIR_WS_HTTP_CATALOG', '/osCommerce/'); define('DIR_WS_HTTPS_CATALOG', '/osCommerce/'); define('DIR_WS_IMAGES', '/osCommerce/images/'); define('DIR_WS_ICONS', '/osCommerce/icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/'); define('DIR_FS_CATALOG', dirname($HTTP_SERVER_VARS['SCRIPT_FILENAME'])); define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); // define our database connection
Guest Posted June 13, 2005 Posted June 13, 2005 enable ssl is set to false! your secure cookie path isn't defined and your cookie domains don't look right. There's something I set up that works for me but someone like jack mcs knows a more accurate way to define them.
Guest Posted June 13, 2005 Posted June 13, 2005 he's a good helper here on the board. Here's mine, but he knows something a bit more universal or accepted (mine works fine) define('HTTP_SERVER', 'http://www.gardenvines.com'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://www.gardenvines.com'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'www.gardenvines.com'); define('HTTPS_COOKIE_DOMAIN', 'www.gardenvines.com'); define('HTTP_COOKIE_PATH', '/catalog/'); define('HTTPS_COOKIE_PATH', 'www.gardenvines.com/catalog/');
Guest Posted June 13, 2005 Posted June 13, 2005 jack's on the board right now, maybe he'll read this.
♥Vger Posted June 13, 2005 Posted June 13, 2005 Your certificate is made out to www.yourdomain.com and not to yourdomain.com. Hence your settings should be: define('HTTP_SERVER', 'http://ww.black-thong.com'); define('HTTPS_SERVER', 'https://www.black-thong.com'); define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'www.black-thong.com'); define('HTTPS_COOKIE_DOMAIN', 'www.black-thong.com'); Vger
Swindon_Boy Posted June 13, 2005 Author Posted June 13, 2005 Ok, I have checked all the much appreciated help against what I have and the padlock appears, then disapears. Any more ideas anyone? :(
♥Vger Posted June 13, 2005 Posted June 13, 2005 Any more ideas anyone? Yes, follow the advice in my post. I just went back to your site and the https pages are still set to https://yourdomain.com and not to https://www.yourdomain.com. These settings are not optional. Your certificate is made out to www.yourdomain.com, and that's the way the configure.php files must be set up. Vger
Guest Posted June 13, 2005 Posted June 13, 2005 Look for page elements that are not secure like images hosted elsewhere. Did you take Rhea's advice about the www in your cert? You must refer to it properly. I get a warning when I try to go to your My Account page. You'll do your competition great favors if you don't fix this.
♥Vger Posted June 13, 2005 Posted June 13, 2005 Dan - the images are all generating ssl errors, because their pathway is https://yourdomain.com, and not https://www.yourdomain.com (as per the cert). Vger
Swindon_Boy Posted June 13, 2005 Author Posted June 13, 2005 Ok, I have set my configure.php to the following and the padlock still disapears. Sorry to seem thick, I have not done this before. :'( // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://www.black-thong.com/'); define('HTTPS_SERVER', 'https://www.black-thong.com/'); define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'www.black-thong.com/'); define('HTTPS_COOKIE_DOMAIN', 'www.black-thong.com/'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); define('DIR_WS_HTTP_CATALOG', '/osCommerce/'); define('DIR_WS_HTTPS_CATALOG', '/osCommerce/'); define('DIR_WS_IMAGES', '/osCommerce/images/'); define('DIR_WS_ICONS', '/osCommerce/icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
♥Vger Posted June 13, 2005 Posted June 13, 2005 The SSL cert is working fine now, exactly as it should do. I think that maybe there's some confusion over how the ssl works. You don't have all of your store behind ssl, only parts of it, the parts that need to be secure. So the Create Account and Login pages are https (because they send data), and the My Account area is under https (again it sends data when updating/editing), and most of the Checkout Process is under SSL, but not the Shopping Cart itself (not actually part of the checkout process). Vger p.s. These are wrong: define('DIR_WS_IMAGES', '/osCommerce/images/'); define('DIR_WS_ICONS', '/osCommerce/icons/'); take out the /osCommerce/ because that's already covered.
Swindon_Boy Posted June 13, 2005 Author Posted June 13, 2005 What can I say, but....... :D Thanks for all your help on this, these forums are great and you guys so helpful to us newbies!!! Thanks again :thumbsup:
♥Vger Posted June 13, 2005 Posted June 13, 2005 I was a newbie just 18 months ago - so know what it's like. Vger
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.