ROMANLION Posted January 27, 2006 Posted January 27, 2006 I have installed OSC on my shared hosting account with GoDaddy and have no problems, except that the SSL is not registering properly on the ADMIN page at bottom left corner, and on Secure pages the Lock is not displaying on bottom right of Internet explorer, except when you refresh the pages, then it displays briefly. However, if you double click on the square where the lock should be, the certificate info is displayed, proving that the site is secure... I am lost as to the problem here, and have tried everything. If anyone knows what I'm doing wrong, please help! Thank you. RomanLion
AlanR Posted January 27, 2006 Posted January 27, 2006 The standard ssl port for dedicated ssl is 443 (the standard http port is 80). I've seen dedicated ssl which returns no response for getenv('HTTPS') but does return a 443. In this case you can set line 41, testing for port 443, like so: $request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL'; See: http://www.oscommerce.com/forums/index.php?sho...23entry672623 Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)
ROMANLION Posted January 27, 2006 Author Posted January 27, 2006 See: http://www.oscommerce.com/forums/index.php?sho...23entry672623 Alan, Thanks for the help. Where do I change line 41? What php file? I just ran the little server file that the forum entry you referred me to showed, and on https it returned only 443, no server info, etc...just like you said. I just need to know where to change line 41 and we'll see if that works...Thanks again.
AlanR Posted January 27, 2006 Posted January 27, 2006 Alan, Thanks for the help. Where do I change line 41? What php file? I just ran the little server file that the forum entry you referred me to showed, and on https it returned only 443, no server info, etc...just like you said. I just need to know where to change line 41 and we'll see if that works...Thanks again. reread the post, it's all explained. There's another minor change a couple pages further in. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)
ROMANLION Posted January 27, 2006 Author Posted January 27, 2006 reread the post, it's all explained. There's another minor change a couple pages further in. Alan, I figured it out, and it works now, except the ADMIN Page doesn't show locked, and I changed line 278 in admin/index.php to this : if (getenv('SERVER PORT') == '443') { ( Lines 279-284 are the lines that wrap this secure/unsecure indicator, and are not working at all, even though I now have the lock on IE...any ideas?
Guest Posted January 29, 2006 Posted January 29, 2006 Hi there... Your problem sounds familiar!... I know that this may sound horribly basic, and maybe this is really way off base, but have you looked very carefully at all the image links inside that page? How about 'poking around inside' and right clicking on those images and links to see where they really go!?!? ~>You may be surprised!?! It is not impossible that one of them is pointing to an image that displays properly, or is clickable, properly, but in fact it is being stored outside of the secure zone of your server. We found that this will give you the description you described, too. Yes, we saw precisely this behavior that you describe (in your first post on this) happening when we moved to SSL. ~WHY?~ With many, many graphics on our site, one of them on the main page was selectable/clickable as a popup with a second link version opening in a new window...ostensibly all in 256 bit SSL. The file behind them was still stored, however, in the old non-secure http:// area of the same site with the same basic URL name. Some mistake in moving things had it still lurking in the old place (and hard coded), even though a copy of the file was in a storage area of the new secure location, but not in the right place for use! Tired eyes missed these cogent little details! On our system, the non-secure area was, not surprisingly, http://xxx.yz/catalog and the SSL secured is https://secure.xxx.yz/catalog We will of course change the /catalog name as another security layer precaution once the site is finished, but during development, things are very generic, more or less. The answer to our problem was equally obvious and really low tech. We copied the file, and saved it in the correct location in the secure subdomain area, and rebuilt the image link to the 'new' location inside the SSL environment (hint: in "catalog/images"). Not rocket science, but it fixed the 'disappearing lock' phenomenon in IE, and FireFox 'lit up' in an SSL Yellow URL, just the way it should do! Admin proudly displays a reassuring "You are protected by a 256-bit secure SSL connection." What more could I ask for," you might enquire!?? ...No guarantees included with this one, but it is worth a few moments of right clicking...! B) Happy Clicking!
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.