Guest Posted July 30, 2005 Share Posted July 30, 2005 I know this is a dead horse, and I have racked through posts all night and tried various configurations to no avail. Frustrating as all get out! Here's what we have * GeoTrust Premium SSL * 1 and 1 hosting We are trying to get the following to work * Store is non-SSL * Store goes to SSL upon login or checkout * Padlock must appear * Admin side all SSL * Add the GeoTrust SSL seal to the site homepage We have changed config.php so many times it's getting threadbare :blink:. Is there a definitive solution to make this work - just a point to a posting would be of great help. THANKS! Link to comment Share on other sites More sharing options...
Guest Posted July 30, 2005 Share Posted July 30, 2005 I know this is a dead horse, and I have racked through posts all night and tried various configurations to no avail. Frustrating as all get out!Here's what we have * GeoTrust Premium SSL * 1 and 1 hosting We are trying to get the following to work * Store is non-SSL * Store goes to SSL upon login or checkout * Padlock must appear * Admin side all SSL * Add the GeoTrust SSL seal to the site homepage We have changed config.php so many times it's getting threadbare :blink:. Is there a definitive solution to make this work - just a point to a posting would be of great help. THANKS! <{POST_SNAPBACK}> Replying to myself - how unique! OK - for 1 and hosting, I fixed the first three problems: (Store is non-SSL, Store goes to SSL upon login or checkout, Padlock must appear) with the info in this post: http://www.oscommerce.com/forums/index.php?sho...ndpost&p=283800 Now to get the seal problems hammered.... Thanks to ALL in the brainrtust here! Link to comment Share on other sites More sharing options...
AlanR Posted July 30, 2005 Share Posted July 30, 2005 Replying to myself - how unique! OK - for 1 and hosting, I fixed the first three problems: (Store is non-SSL, Store goes to SSL upon login or checkout, Padlock must appear) with the info in this post: http://www.oscommerce.com/forums/index.php?sho...ndpost&p=283800 Now to get the seal problems hammered.... Thanks to ALL in the brainrtust here! <{POST_SNAPBACK}> That post/solution does not fix your problem if you have a dedicated ssl. If you check your <base href="http://www.yourdomain.com/catalog/"> line near the top of every page you'll find it's always <base href="https://www.yourdomain.com/catalog/"> It's always reading files via the ssl link. The correct solution for dedicated ssl with 1&1 is Line 41, application_top.php $request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL'; Note the '1' instead of the 'on'. It's that simple. Here's a little script you can use to check for yourself. Just name it something like myenv.php and drop it in a folder then run it, say https://www.mydomain.com/myenv.php <?php echo 'HTTP HOST: ' . "$HTTP_HOST"; echo '<br>Server Port: ' . getenv('SERVER_PORT'); echo '<br>SSL Status: ' . getenv('HTTPS'); echo '<br>Fowarded Server: ' . getenv('HTTP_X_FORWARDED_SERVER'); echo '<br>Fowarded Host: ' . getenv('HTTP_X_FORWARDED_HOST'); ?> Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management) Link to comment Share on other sites More sharing options...
Guest Posted July 30, 2005 Share Posted July 30, 2005 That post/solution does not fix your problem if you have a dedicated ssl. If you check your <base href="http://www.yourdomain.com/catalog/"> line near the top of every page you'll find it's always <base href="https://www.yourdomain.com/catalog/"> It's always reading files via the ssl link. The correct solution for dedicated ssl with 1&1 is Line 41, application_top.php $request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL'; Note the '1' instead of the 'on'. It's that simple. Here's a little script you can use to check for yourself. Just name it something like myenv.php and drop it in a folder then run it, say https://www.mydomain.com/myenv.php <?php ? echo 'HTTP HOST: ' . "$HTTP_HOST"; ? echo '<br>Server Port: ' . getenv('SERVER_PORT'); ? echo '<br>SSL Status: ' . getenv('HTTPS'); ? echo '<br>Fowarded Server: ' . getenv('HTTP_X_FORWARDED_SERVER'); ? echo '<br>Fowarded Host: ' . getenv('HTTP_X_FORWARDED_HOST'); ?> <{POST_SNAPBACK}> Hey it worked I had tried it before and it didn't work. I must have completely spaced on that line as I saw it commented out (//). Works like a charm Link to comment Share on other sites More sharing options...
AlanR Posted July 30, 2005 Share Posted July 30, 2005 Hey it worked I had tried it before and it didn't work. I must have completely spaced on that line as I saw it commented out (//). Works like a charm <{POST_SNAPBACK}> The fix you quoted in your second post is a bad (negative even) solution for dedicated ssl on 1&1. It will make the system appear to work when in reality it's roughly the same as permanently setting this: define('DIR_WS_CATALOG', DIR_WS_HTTPS_CATALOG); Since the test will always resolve true. That eregi solution is a poor fix for shared ssl as well since there's too many ways to mess it up. I posted a much more solid solution here: http://www.oscommerce.com/forums/index.php?sho...ndpost&p=664360 Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management) Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.