buzltyr Posted December 28, 2005 Share Posted December 28, 2005 I have yet to see a thread with this dilemma..My server has a shared cert but to use it you have to point to https://ssl.hostprovider.net/~myusernumber/. Instructions are pages uploaded to the root ssl folder can be seen. If I want the user sign up and the shopping cart checkout secure, what files do I load and how to point the forms to this address? Thanks in advance. Link to comment Share on other sites More sharing options...
Jack_mcs Posted December 28, 2005 Share Posted December 28, 2005 When you use a shared ssl, you are using the hosts certificate. Since the certifcate is usually created to match the server you are on, that type of url is common. To use it, you just need to fill in the https and https cookie strings in the includes/configure.php file. You also need to set use ssl to true in that file. Oscommerce will do the rest. Jack Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
buzltyr Posted December 28, 2005 Author Share Posted December 28, 2005 When you use a shared ssl, you are using the hosts certificate. Since the certifcate is usually created to match the server you are on, that type of url is common. To use it, you just need to fill in the https and https cookie strings in the includes/configure.php file. You also need to set use ssl to true in that file. Oscommerce will do the rest. Jack Jack: Do I need to load all of the catalog files to the ssl folder? I tried setting the configure to that url and I got the parent folder...I don't want slow the whole site down by uploading all the files. Link to comment Share on other sites More sharing options...
MaBiSmAd Posted December 28, 2005 Share Posted December 28, 2005 I have yet to see a thread with this dilemma..My server has a shared cert but to use it you have to point to https://ssl.hostprovider.net/~myusernumber/. Instructions are pages uploaded to the root ssl folder can be seen. If I want the user sign up and the shopping cart checkout secure, what files do I load and how to point the forms to this address? Thanks in advance. Actually, the easiest way is if your hosting provider will change your SSL folder to be the same as your web site root folder, than this will work with one copy of the the code (I am assuming that the SSL folder is currently a separate folder below your web site root folder.) Link to comment Share on other sites More sharing options...
Guest Posted December 28, 2005 Share Posted December 28, 2005 this is all dependent upon your host, how they have things setup for you to use the shared ssl cert. Link to comment Share on other sites More sharing options...
buzltyr Posted December 28, 2005 Author Share Posted December 28, 2005 Actually, the easiest way is if your hosting provider will change your SSL folder to be the same as your web site root folder, than this will work with one copy of the the code (I am assuming that the SSL folder is currently a separate folder below your web site root folder.) You are correct. It is outside the root...They say: You are not able to use your domain name for SSL request due to the nature of SSL certificates and encryption techniques. Link to comment Share on other sites More sharing options...
buzltyr Posted December 28, 2005 Author Share Posted December 28, 2005 this is all dependent upon your host, how they have things setup for you to use the shared ssl cert. We have bought a shared SSL certificate for all customers to use free of charge. To use it you need to create a directory via FTP in your account root ( / ) named: ssl Pages uploaded to the ssl directory can be viewed via the web here: URL: https://ssl.hostprovider/~myusernumber/ Link to comment Share on other sites More sharing options...
MaBiSmAd Posted December 28, 2005 Share Posted December 28, 2005 We have bought a shared SSL certificate for all customers to use free of charge. To use it you need to create a directory via FTP in your account root ( / ) named: ssl Pages uploaded to the ssl directory can be viewed via the web here: URL: https://ssl.hostprovider/~myusernumber/ I could tell from reading your statement that this was probably the case. Actually, if your control panel has an option to enable SSL, this ssl folder should be created automatically. If you need to create the folder yourself, ok. While it is true that the default location for this is outside your web site's root (in your account's root in fact), if your hosting company knows what they are doing they can modify this setting/location for you so that the folder that the SSL URL points to is your web site's root, which would allow you to only have one copy of the code. When I asked my hosting company if they could do this, they both knew how to do it and made the change with no fuss. If they can't or won't accommodate you on this, you have some choices - 1) Put oscommerce into the SSL folder and only run it in SSL. This will experience the well known page load speed penalty as everything well be encoded and decoded when it is sent to the browser. 2) Put a duplicate copy of oscommerce into the SSL folder. I don't know enough about oscommerce to know if this configuration is supported (I seem to remember seeing something about a session problem when switching between SSL and non-ssl pages, but someone else here may know the definitive answer to this...) 3) Buy your own SSL certificate so that http://www.yourdomain.com and https://www.yourdomain.com will both point to your root web site. 4) Find a hosting company that can and will accomodate your needs on this. Link to comment Share on other sites More sharing options...
buzltyr Posted December 28, 2005 Author Share Posted December 28, 2005 MaBiSmAd Thank you for the understanding of the dilemma....In contact with the host provider they are understanding that they need to offer a dedicated SSL Cert. That is in the near future....I figured that if I were to put the appropriate files in the ssl folder that it would be recognized. I uploaded check out, register and all the most common that would need to be secure but it would not recognize so there is more to the coding that is beyond me. But again thank you, thank you for responding...Happy New Year Link to comment Share on other sites More sharing options...
MaBiSmAd Posted December 28, 2005 Share Posted December 28, 2005 MaBiSmAd Thank you for the understanding of the dilemma....In contact with the host provider they are understanding that they need to offer a dedicated SSL Cert. That is in the near future....I figured that if I were to put the appropriate files in the ssl folder that it would be recognized. I uploaded check out, register and all the most common that would need to be secure but it would not recognize so there is more to the coding that is beyond me. But again thank you, thank you for responding...Happy New Year I did find a section in the FAQ about using a shared SSL, but it was clearly for the case where you are using a single copy of the code. I have not found anything about splitting the code between two folders for SSL and non-SSL. Perhaps some of the long time users know if this is possible with oscommerce??? Link to comment Share on other sites More sharing options...
♥Vger Posted December 29, 2005 Share Posted December 29, 2005 Some hosts who use an old fashioned system have two folders one for http docs and one for https docs. The http docs need to be duplicated in the https docs (or ssl) folder. Some hosts can get around this problem by creating a Symbolic Link between the https docs folder and the http docs folder, thus removing the need to duplicate files/folders. But from Buzz's post it doesn't sound as if his hosts know much about ssl at all. Vger Link to comment Share on other sites More sharing options...
buzltyr Posted December 29, 2005 Author Share Posted December 29, 2005 Some hosts who use an old fashioned system have two folders one for http docs and one for https docs. The http docs need to be duplicated in the https docs (or ssl) folder. Some hosts can get around this problem by creating a Symbolic Link between the https docs folder and the http docs folder, thus removing the need to duplicate files/folders. But from Buzz's post it doesn't sound as if his hosts know much about ssl at all. Vger Vger: I also believe the host is uninformed..I have tried to get them to reconsider yet they are adamant that theey will not do anything else other than direct the uploaded pages to the ssl folder that is created by me. They will be offering a dedicated soon, but I am not sure whether I want to wait. I am losing sales now because I have no secure pages. Bummer...Thanks for replying. Link to comment Share on other sites More sharing options...
Guest Posted December 29, 2005 Share Posted December 29, 2005 if you believe you are losing sales because of your host, change hosts Link to comment Share on other sites More sharing options...
MaBiSmAd Posted December 29, 2005 Share Posted December 29, 2005 Vger:I also believe the host is uninformed..I have tried to get them to reconsider yet they are adamant that theey will not do anything else other than direct the uploaded pages to the ssl folder that is created by me. They will be offering a dedicated soon, but I am not sure whether I want to wait. I am losing sales now because I have no secure pages. Bummer...Thanks for replying. You can purchase your own dedicated SSL certificate, without waiting for your hosting company to offer them. However, your web hosting company must install this for you, which may be asking too much. Check if they are willing (or knowledgeable) to install a certificate that you purchase on your own. Link to comment Share on other sites More sharing options...
buzltyr Posted December 29, 2005 Author Share Posted December 29, 2005 You can purchase your own dedicated SSL certificate, without waiting for your hosting company to offer them. However, your web hosting company must install this for you, which may be asking too much. Check if they are willing (or knowledgeable) to install a certificate that you purchase on your own. Tried that and their reply is the same "You are not able to use your domain name for SSL request due to the nature of SSL certificates and encryption techniques." Other than this issue I have been with them for over a year and they are a reliable host....I really hate to change now and they are working to get a dedicated cert offered. Thanks I appreciate it. Link to comment Share on other sites More sharing options...
♥Vger Posted December 29, 2005 Share Posted December 29, 2005 One piece of advice which you were given, to run everything from the ssl folder, is incorrect. If you do this then all pages will be https and you'll get no search engine rankings at all - because search engines don't rank https pages. You say you paid for your shared ssl cert - you got ripped off. The majority of hosts provide the shared ssl cert as part of their basic service. Some hosts won't provide full ssl certs because to have one on a shared server it means that site having a dedicated ip address of its own, and they won't provide that facility. Vger Link to comment Share on other sites More sharing options...
MaBiSmAd Posted December 29, 2005 Share Posted December 29, 2005 We have bought a shared SSL certificate for all customers to use free of charge. To use it you need to create a directory via FTP in your account root ( / ) named: ssl Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.