Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

SSL with 1and1.com

erikwoods

By erikwoods
in General Support

Recommended Posts

erikwoods

erikwoods

Posted
Posted

Someone mentioned earlier that it was complicated to get SSL to work with osCommerce's shopping cart when using a 1and1 hosting package.

 

Is there any documentation to help or anything? I am extremely new to SSL. I know very little about it.

 

Thanks.

Link to comment
Share on other sites
AlanR

AlanR

Posted
Posted
ok- I made the changes to includes/configure.php and application_top.php and um... I am not sure why I don't get a secure sign.

 

By the way- what should the CHMOD be for configure.php? I have it set to 444 right now.

Exactly what changes did you make?

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites
erikwoods

erikwoods

Posted
  • Author
Posted

to includes/configure.php:

  define('HTTP_SERVER', 'http://michigantinceilings.com'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'https://michigantinceilings.com'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', true); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'www.michigantinceilings.com');
 define('HTTPS_COOKIE_DOMAIN', 'www.michigantinceilings.com');
 define('HTTP_COOKIE_PATH', '/catalog/');
 define('HTTPS_COOKIE_PATH', '/catalog/');
 define('DIR_WS_HTTP_CATALOG', '/catalog/');
 define('DIR_WS_HTTPS_CATALOG', '/catalog/');

 

to includes/application_top.php- around line 41

 

changed

$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

 

to:

$request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL';

 

I'm guessing it has something to do with the way that my shared SSL is set up. Right now I have a subdomain pointing towards the catalog directory (the main store). estore.michigantinceilings.com points to michigantinceilings.com/catalog/.

 

The SSL settings in the control panel says it's set up for https://ssl.perfora.net/estore.michigantinceilings.com

 

(ignore the root dir- I didn't design that... I'd be ashamed to say I did. Heheh.)

 

So should I change something in the config file for HTTPS_SERVER?

Link to comment
Share on other sites
AlanR

AlanR

Posted
Posted
to includes/application_top.php- around line 41

 

changed

$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

 

to:

$request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL';

 

 

 

That's the wrong solution for shared ssl, that one's for dedicated ssl.

 

You'll find the solution here:

 

1&1 and SSL

 

Your configure.php file looks fine and it will work once you make the correct change to line 41.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites
erikwoods

erikwoods

Posted
  • Author
Posted

ok, I changed the line to

$request_type = (getenv('HTTP_X_FORWARDED_HOST') == 'ssl.perfora.net') ? 'SSL' : 'NONSSL';

 

if you go to https://ssl.perfora.net/estore.michigantinceilings.com/ it shows the ssl icon but it broke all the images for some reason.

 

Is there a way to set a subdomain to the estore so that it's not all long and confusing for the customer? https://ssl.perfora.net/estore.michigantinceilings.com/ is really long compared to estore.michigantinceilings.com.

Link to comment
Share on other sites
AlanR

AlanR

Posted
Posted

I spoke too soon about the config file.

 

Here:

 

define('HTTP_SERVER', 'http://michigantinceilings.com');

define('HTTPS_SERVER', 'https://ssl.perfora.net/estore.michigantinceilings.com');

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.michigantinceilings.com');

define('HTTPS_COOKIE_DOMAIN', 'ssl.perfora.net/estore.michigantinceilings.com');

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '/catalog/');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/catalog/');

 

You may have problems with the subdomain. Lots of people do with many hosting companies. I really don't see the point. It's cute but uneccessarily complicated.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites
erikwoods

erikwoods

Posted
  • Author
Posted

ok I made the changes to config.php but I'm still having the image problem. It's not referencing to the right directory, right?

 

Should I just get rid of the subdomain that I have set up for the estore or would that complicate things further?

Link to comment
Share on other sites
erikwoods

erikwoods

Posted
  • Author
Posted

by the way- if you go to estore.michigantinceilings, you'll notice a lot of the product images are not there- that's because I deleted the product categories... not because of a problem we've been dealing with.

 

but the ssl.perfora.net one doesn't show ANY images at all. not sure if that matters but now you know.

 

I don't really know what I'm doing.

Link to comment
Share on other sites
martinedwards

martinedwards

Posted
Posted

HI, We are using SSL with a 1and1 hosting package and

was easy to use. Depending on your 1and1 package it

may already incorporate SSL and all you need to do

is change the configure.php file for the HTTPS_SERVER

 

1and1 provided us with https://sslrelay.com for example.

 

 

 

 

Someone mentioned earlier that it was complicated to get SSL to work with osCommerce's shopping cart when using a 1and1 hosting package.

 

Is there any documentation to help or anything? I am extremely new to SSL. I know very little about it.

 

Thanks.

Link to comment
Share on other sites
Vger

♥Vger

Posted
Posted

Your images not displaying may be due to insufficient permissions being set on the 'images' folder. Try 755 and if that does not make them show then use 777.

 

As you are using shared ssl anyway there is no benefit in trying to run the ssl from a subdomain.

 

Vger

Link to comment
Share on other sites
AlanR

AlanR

Posted
Posted
ok I made the changes to config.php but I'm still having the image problem. It's not referencing to the right directory, right?

 

Should I just get rid of the subdomain that I have set up for the estore or would that complicate things further?

 

Lose the subdomain and you'll have a much easier time. Once you have a grasp of what you're doing you can experiment with it again if you wish.

 

You'll have to repoint the shared ssl server to the primary domain via the control panel though. Right now it points to the subdomain.

 

http://michigantinceilings.com

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites
erikwoods

erikwoods

Posted
  • Author
Posted

Setting the images DIR to 777 or 755 did not work.

 

Thanks for the help guys. I don't have time to test anything out right now, as I have college in half an hour and must leave. I shall return to this problem as soon as I get home, and hopefully it won't take much more to get it working correctly.

Link to comment
Share on other sites
erikwoods

erikwoods

Posted
  • Author
Posted

Okay so I got rid of the sub-domain and I changed the config to reflect the changes, and ala kazam there it is. It works.

 

The administration part of osCommerce still says "You are not protected by a secure SSL connection." though. Is that a problem?

 

I only have one question. And that is: should I be using https://ssl.perfora.net/michigantinceilings.com/catalog/ as the link for the actual store when linking to it from the main site?

 

Thank you EXTREMELY MUCH for helping me, guys. I love you!

Link to comment
Share on other sites
erikwoods

erikwoods

Posted
  • Author
Posted

actually... now that I have gone through some of the pages on the catalog, some of the pages do not have the https protocol on them and some do- is this normal?

 

example: click on my account or log in or register. They all have the https prot. but if you click on the categories on the left or whatever- they are http.

Link to comment
Share on other sites
AlanR

AlanR

Posted
Posted
actually... now that I have gone through some of the pages on the catalog, some of the pages do not have the https protocol on them and some do- is this normal?

 

example: click on my account or log in or register. They all have the https prot. but if you click on the categories on the left or whatever- they are http.

 

This is exactly the way it should be. SSL should engage only on the "private" pages, customer details, payment, checkout, etc.

 

Link to the store through the primary address

 

http://michigantinceilings.com/catalog/

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites
AlanR

AlanR

Posted
Posted
Thanks for clearing that up for me!

So the admin area that says i don't have SSL protection- I should just ignore that?

 

Here's a solution I like. "EZ" Secure Order & Customer Viewing for osCommerce Admin

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...