Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SSL installation with https?


crowchick

Recommended Posts

I can't seem to find any documentation on how to enable SSL for the same domain: http://www.mysite.com and https://www.mysite.com

 

I put in https://www.mysite.com as the path to my SSL protected files. When I click on any links in my shop that point to secure "https://" links, the pages cannot be found. Tell me, do I have to upload an exact copy of my osCommerce shop to this directory on my site? If so, would it not be easier to just store the entire shop there instead of bothering to switch between secure and non-secure pages?

 

I don't fancy the idea of having to babysit two very large shopping directories.

 

Any help most appreciated. I tried to figure it out myself. No luck.

Link to comment
Share on other sites

Tell me, do I have to upload an exact copy of my osCommerce shop to this directory on my site? If so, would it not be easier to just store the entire shop there instead of bothering to switch between secure and non-secure pages?

 

I don't fancy the idea of having to babysit two very large shopping directories.

 

Some servers are set up like that, two directories, one http and one https. I don't know why the system designers did that.

 

Sometimes it's possible to set up a symbolic link from the non secure directory to the secure one or the sysadmins at the hosting company can set a method for you.

 

Maintaining a two directory system is not worth the hassle. Fix it or switch hosts.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

Sometimes it's possible to set up a symbolic link from the non secure directory to the secure one or the sysadmins at the hosting company can set a method for you.

 

Can you elaborate on that concept a touch more for me? What do you mean by "symbolic?" Do you mean just keep the osCommerce portion of the site in the https directory? (The shop is only a part of the site linked to on a navigation bar on the index page.)

Link to comment
Share on other sites

Can you elaborate on that concept a touch more for me? What do you mean by "symbolic?" Do you mean just keep the osCommerce portion of the site in the https directory? (The shop is only a part of the site linked to on a navigation bar on the index page.)

A symbolic link is an alias. Mac users are very familar with aliases.

 

So on some servers it's possible to put a symbolic link (alias) of the catalog folder in the https folder (or any folder inside the https folder). So when the software looks for "catalog" inside the https (or private_html or whatever it's called on your server) it will find the files it's looking for even though they only exist once on the server.

 

There are other methods of accomplishing the same thing but I've never had to use them. Others here know more about these than I do but they involve getting your host to help you.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

When I first set up the Shared Certificate, my host told me I would have to put anything I wanted to secure in the https folder.

 

Just thought I'd mention it.

 

So?

 

Look here:

 

http://www.tentativa.com/catalog/

 

Ignore the warning about the certificate, it's a bogus one someone else installed on the server. That's a shared server account running under DirectAdmin which uses the public_html and private_html system. It's got a symlink to catalog in the private_html folder.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

Okay, well they put up a symbolic link to my http://.../shop at https. However, it's still acting freaky:

 

http://www.subcultureofone.com/shop

 

vs.

 

https://www.subcultureofone.com

 

I'm in over my head now.

 

I'd say your hosting company is in over its head

 

cert.gif

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

Still, invalid certificiate aside, I want to know how to make this work. I can pester them over the certificate, but in the end whether or not this works rests upon me. The only reason I even tried osCommerce was because I was tired of using PayPal's "Buy it Now" buttons and horrible shipping options. I wanted invoices that people could print off and mail with a check. The only payment options I want available are PayPal and mailed checks. I'm not doing enough business to worry about messing with credit card transactions right now.

 

So, certificate aside, I really want to make this work.

Link to comment
Share on other sites

The certificate has not expired. It's just that it is a self-signed certificate - both issued to and issued by the hosting company. A 'proper' ssl cert is issued to a website but issued by a trusted provider of ssl certs, such as Verisign, Geotrust etc. As your hosting company is not a trusted provider of ssl certs you'll never get rid of that warning.

 

Vger

Link to comment
Share on other sites

The certificate has not expired.

 

It has expired, regardless of the issuer.

 

7/12/05 is last month, that's U.S. date format.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

Well, then, I suppose my question is: If one is only using osCommerce to carry out PayPal and mailed-in transactions (checks and money orders), is SSL necessary? I will not be handling credit card information on the site, and doesn't PayPal secure its own transactions?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...