Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Admin SSL


dstu

Recommended Posts

Hello,

 

Although my 'ENABLE_SSL_CATALOG' is set to 'true' in the admin's configure.php, When I browse through the admin section, it doesn't give me SSL URLs.

 

The store area works fine (login, account creation... are HTTPS).

 

On the initial Administration page I have the following message:

You are not protected by a secure SSL connection.

When I manually change the URL to HTTPS, I get the following message in the same area:

You are protected by a unknown secure SSL connection., but as i said previously, any link I click on would take me back to non-secure pages.

 

Any idea how to fix this?

 

Thanks,

 

David

Link to comment
Share on other sites

I am having the same problem, execpt its on both the /catalog/ and on /admin/.

 

I can log in to either side of the site, i have completed obvious changes in both configure.php, and all the links go back to non secure pages.

Link to comment
Share on other sites

This may seem obvious, but it can't be as many people make this mistake.

 

It's not enough to set enable_ssl to true - you actually either have to have access to a shared ssl cert. and set up your configure.php files to correctly use it, or else you need to have your own full ssl cert. installed and set your configure.php files accordingly.

 

If you have a full ssl certificate then in admin/includes/configure.php you can set both of the http entries to the https address, and then you will get the message 'this site is protected by an unknown secure ssl cert' etc. If you do this with a shared ssl cert. it will work but you won't be able to see your images in 'admin' - they'll exist but it's unlikely you'll be able to view them within admin.

 

Vger

Link to comment
Share on other sites

Hello,

 

Although my 'ENABLE_SSL_CATALOG' is set to 'true' in the admin's configure.php, When I browse through the admin section, it doesn't give me SSL URLs.

 

The store area works fine (login, account creation... are HTTPS).

 

On the initial Administration page I have the following message:

You are not protected by a secure SSL connection.

When I manually change the URL to HTTPS, I get the following message in the same area:

You are protected by a unknown secure SSL connection., but as i said previously, any link I click on would take me back to non-secure pages.

 

Any idea how to fix this?

 

Thanks,

 

David

 

What you need to do to have your admin stay in https mode is change the first http define in your admin/includes/configure.php file to your secure path.

The Knowledge Base is a wonderful thing.

Do you have a problem? Have you checked out Common Problems?

There are many very useful osC Contributions

Are you having trouble with a installed contribution? Have you checked out the support thread found Here

BACKUP BACKUP BACKUP!!! You did backup, right??

Link to comment
Share on other sites

I am having the exact same problem as everyone else. I've set all my define http's in the admin/includes/configure.php file to my ssl server and I get the same problem as the previous poster. I get ssl links for the checkout process, but the admin pages are unsecured making me send my htpasswd unencrypted. Why in the world are there two configure.php files to begin with? Why on earth would this system even let you set up oscommerce without having a secure way to log in as administrator?!?!

 

What you need to do to have your admin stay in https mode is change the first http define in your admin/includes/configure.php file to your secure path.
Link to comment
Share on other sites

I am having the exact same problem as everyone else. I've set all my define http's in the admin/includes/configure.php file to my ssl server and I get the same problem as the previous poster. I get ssl links for the checkout process, but the admin pages are unsecured making me send my htpasswd unencrypted. Why in the world are there two configure.php files to begin with? Why on earth would this system even let you set up oscommerce without having a secure way to log in as administrator?!?!

 

You need to set both

 

define('HTTP_SERVER' AND define('HTTPS_CATALOG_SERVER

 

to your secure server

Link to comment
Share on other sites

You need to set both

 

define('HTTP_SERVER' AND define('HTTPS_CATALOG_SERVER

 

to your secure server

 

Yes, I realize this. I have set ALL of these to my secure server and it still doesn't work. Any more ideas?

Link to comment
Share on other sites

I am having the exact same problem as everyone else. I've set all my define http's in the admin/includes/configure.php file to my ssl server and I get the same problem as the previous poster. I get ssl links for the checkout process, but the admin pages are unsecured making me send my htpasswd unencrypted. Why in the world are there two configure.php files to begin with? Why on earth would this system even let you set up oscommerce without having a secure way to log in as administrator?!?!

 

If your first http define is set to your secure path then your admin should stay in secure mode. I have set up quite a few sites and have never had it not work so I would recheck my admin/includes/configure.php file.

The Knowledge Base is a wonderful thing.

Do you have a problem? Have you checked out Common Problems?

There are many very useful osC Contributions

Are you having trouble with a installed contribution? Have you checked out the support thread found Here

BACKUP BACKUP BACKUP!!! You did backup, right??

Link to comment
Share on other sites

My site was having the same problem unsecured URLs. I changed the

define('HTTP_SERVER', 'https://www.mysitename.com') and now all links go to secure urls. :D

 

It still says "unknown" secure ssl connection. Is this to be expected, or is there a way to get it to be "known"?

Link to comment
Share on other sites

My site was having the same problem unsecured URLs. I changed the

define('HTTP_SERVER', 'https://www.mysitename.com') and now all links go to secure urls. :D

 

It still says "unknown" secure ssl connection. Is this to be expected, or is there a way to get it to be "known"?

 

 

Do you have a ssl certificate?

The Knowledge Base is a wonderful thing.

Do you have a problem? Have you checked out Common Problems?

There are many very useful osC Contributions

Are you having trouble with a installed contribution? Have you checked out the support thread found Here

BACKUP BACKUP BACKUP!!! You did backup, right??

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...