Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

Installing SSL....

osclover

By osclover
in General Support

Recommended Posts

osclover

osclover

Posted
Posted

I dont know how to setup SSL certificate for my domain name. I have installed oscommerce alraedy at my site but I came to know ssl cert is not setup is setup over my domain name probably. I've CPanel installed. How do i use it to setup SSL? Its a shared ssl cert.

 

 

For the SSL cert here is the path

https://secure83.websitewelcome.com/~tarheel

 

 

Their online help is at

http://support.hostgator.com/index.php?_m=...&pcid=9&nav=0,9

 

 

My site is hosted on a different domain name. Do I need to do sumthing with the PGP keys etc to setup the SSL? Thanks,

ozcsys

ozcsys

Posted
Posted
I dont know how to setup SSL certificate for my domain name. I have installed oscommerce alraedy at my site but I came to know ssl cert is not setup is setup over my domain name probably. I've CPanel installed. How do i use it to setup SSL? Its a shared ssl cert.

For the SSL cert here is the path

https://secure83.websitewelcome.com/~tarheel

 

 

Their online help is at

http://support.hostgator.com/index.php?_m=...&pcid=9&nav=0,9

My site is hosted on a different domain name. Do I need to do sumthing with the PGP keys etc to setup the SSL? Thanks,

 

 

If you are using a shared cert provided by your hosting company all you need to do is edit your configure.php files with the secure path provided by them and set ssl to true.

The Knowledge Base is a wonderful thing.

Do you have a problem? Have you checked out Common Problems?

There are many very useful osC Contributions

Are you having trouble with a installed contribution? Have you checked out the support thread found Here

BACKUP BACKUP BACKUP!!! You did backup, right??

osclover

osclover

Posted
  • Author
Posted

I've modified the configure.php file. Below is how it looks like right now:

 

 
 define('HTTP_SERVER', 'http://www.worldofcds.com'); // eg, http://localhost - should not be empty for productive servers
  define('HTTPS_SERVER', 'https://secure83.websitewelcome.com/~tarheel'); // eg, https://localhost - should not be empty for productive servers
  define('ENABLE_SSL', true); // secure webserver for checkout procedure?
  define('HTTP_COOKIE_DOMAIN', 'www.worldofcds.com');
  define('HTTPS_COOKIE_DOMAIN', 'secure83.websitewelcome.com/~tarheel');
  define('HTTP_COOKIE_PATH', '/');
  define('HTTPS_COOKIE_PATH', '/');
  define('DIR_WS_HTTP_CATALOG', '/');
  define('DIR_WS_HTTPS_CATALOG', '/');
  define('DIR_WS_IMAGES', 'images/');
  define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
  define('DIR_WS_INCLUDES', 'includes/');
  define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
  define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
  define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
  define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
  define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
 
[code]
 
 
Is it the right way to do it?



			
		


		

		
	


	
    


	




					
					
					
				

					

					
					







	

	

	

		

			

				


	
		osclover
	

				
				
			

		

		

			

				


osclover
			

			

			    Posted 
				
			

		

	

	

		




	

		

			

				
    
					
						
  • Author
    • 
					
					
					
					
					
				

			

			
    
				
  • 
					
					
      
						
						
                        
						
						
						
							
								
							
							
							
							
							
							
						
					
    
				
    • 
				
			

		


		

		   
		   Posted 
		   
			
			
				
				
			
		

	


	

    

	

		
		

			

After modifying the configure.php file, when i visit my site I see that the 'Log in' page, 'My Account' page are not still being shown as http:// instead of the desired https:// . Where as when i put the mouse pointer at the Check Out link the link is shown as https:// but even that is not working properly because when i click on it i get an error. Picture of it is shown below. 


 


ssl_error.jpg


 


 


When I click YES on this alert box I get an HTTP 404 Not Found error. If I clieck NO , nothing happens ...like i am not taken to a new page.



			
		


		

		
	


	
    


	




					
					
					
				

					

					
					







					
					
					
				

					

					
					







					
					
					
				

					

					
					







					
					
					
				

					

					
					







	

	

	

		

			

				


	
		custodian
	

				
				
			

		

		

			

				


custodian
			

			

			    Posted 
				
			

		

	

	

		




	

		

			

				
    
					
					
					
					
					
				

			

			
    
				
  • 
					
					
      
						
						
                        
						
						
						
							
								
							
							
							
							
							
							
						
					
    
				
    • 
				
			

		


		

		   
		   Posted 
		   
			
			
				
				
			
		

	


	

    

	

		
		

			

Anyone? I'm really stuck with this SSL problem :(


 


You get these types of error from using self generate certs and from open source cert like CaCert. It's a valid cert, but most browsers don't recognize it by default. You need to get a cert with 99% or higher browser recognition. Personally unless your hosting company changes the cert they are using, I do not believe there is anything you can do to make that security message to go away.



			
		


		

		
			

	

		

		

			

My Contributions


 


Henry Smith


		

	


		
	


	
    


	




					
					
					
				

					

					
					







	

	

	

		

			

				


	
		osclover
	

				
				
			

		

		

			

				


osclover
			

			

			    Posted 
				
			

		

	

	

		




	

		

			

				
    
					
						
  • Author
    • 
					
					
					
					
					
				

			

			
    
				
  • 
					
					
      
						
						
                        
						
						
						
							
								
							
							
							
							
							
							
						
					
    
				
    • 
				
			

		


		

		   
		   Posted 
		   
			
			
				
				
			
		

	


	

    

	

		
		

			

Thanks Henry. I'll talk to the client about this. But what I'm concerned with right now is as to how to correctly direct the 3 links My acount, Login, and Checkout to the shared certificate. I think despite the error message shown, I should be able to connected to the My account, login pge and checkout page using the HTTPS:// link. 


 


While my client changes the cert, i would still wnt to configure the SSL certificate correctly over the oscommerce site.



			
		


		

		
	


	
    


	




					
					
					
				

					

					
					







					
					
					
				

					

					
					







	

	

	

		

			

				


	
		osclover
	

				
				
			

		

		

			

				


osclover
			

			

			    Posted 
				
			

		

	

	

		




	

		

			

				
    
					
						
  • Author
    • 
					
					
					
					
					
				

			

			
    
				
  • 
					
					
      
						
						
                        
						
						
						
							
								
							
							
							
							
							
							
						
					
    
				
    • 
				
			

		


		

		   
		   Posted 
		   
			
			
				
				
			
		

	


	

    

	

		
		

			

I am aware of the fact that "installing" a shared ssl certificate over a domain name is the first step and "configuring" that installed shared ssl certificate over the oscommerce script is a totally separate step (and its step number two) . No one can cofigure SSL over oscommerce unless and untill the SSL certificated purchased is installed over the domain name. Am I right? 


I guess the problem i am getting (404 errors after clickin on links leading to My Account, Check out and Login Pages) is because of the fact that my client has not yet installed the shared SSL certificated over his purchased domain. I'm not sure but thats the only explanation I have.


If I am right, I would like to know how can i verify whether my client has got the ssl certificate installed over his domain name or not? Secondly if its not installed, how can I get it installed? I've heard something about PGP keys but don't really get it.



			
		


		

		
	


	
    


	




					
					
					
				

					

					
					







	

	

	

		

			

				


	
		custodian
	

				
				
			

		

		

			

				


custodian
			

			

			    Posted 
				
			

		

	

	

		




	

		

			

				
    
					
					
					
					
					
				

			

			
    
				
  • 
					
					
      
						
						
                        
						
						
						
							
								
							
							
							
							
							
							
						
					
    
				
    • 
				
			

		


		

		   
		   Posted 
		   
			
			
				
				
			
		

	


	

    

	

		
		

			

I am aware of the fact that "installing" a shared ssl certificate over a domain name is the first step and "configuring" that installed shared ssl certificate over the oscommerce script is a totally separate step (and its step number two) . No one can cofigure SSL over oscommerce unless and untill the SSL certificated purchased is installed over the domain name. Am I right? 
I guess the problem i am getting (404 errors after clickin on links leading to My Account, Check out and Login Pages) is because of the fact that my client has not yet installed the shared SSL certificated over his purchased domain. I'm not sure but thats the only explanation I have.


If I am right, I would like to know how can i verify whether my client has got the ssl certificate installed over his domain name or not? Secondly if its not installed, how can I get it installed? I've heard something about PGP keys but don't really get it.




 


PGP has nothing to do with SSL certificate. You do need to have generated keys (public and private) for it to work, but PGP is something else entirely.


 


I'm not sure of you hosting service's setup, but I beleive they have your directory incorrect. On FreeBSD I can set the the virtual domain directory to one directory adn the https directory for the virtual domain to something else, though I usually keep them the same so that I can choose what I want to provide as secure and what I don't want to..


 


Anyway, I see te 404 eror you are talking about, BUT if I go to https://www.worldofcds.com/ the ISP's configuration (Nothing to do with oscommerce) should give me the same page, though securely as http://www.worldofcds.com/ - Instead https://www.worldofcds.com/ takes me to a directory with nothing in it. Since the directory has nothing in it, this would explain the 404 errors.


 


Aditionally if I go to https://secure83.websitewelcome.com/~tarheel/ it takes me to an entirely differnet directory with different contents. 


 


Unless you hosting company has something out of wack, these should go to the same directory with the same contents



			
		


		

		
			

	

		

		

			

My Contributions


 


Henry Smith


		

	


		
	


	
    


	




					
					
					
				

					

					
					







	

	

	

		

			

				


	
		osclover
	

				
				
			

		

		

			

				


osclover
			

			

			    Posted 
				
			

		

	

	

		




	

		

			

				
    
					
						
  • Author
    • 
					
					
					
					
					
				

			

			
    
				
  • 
					
					
      
						
						
                        
						
						
						
							
								
							
							
							
							
							
							
						
					
    
				
    • 
				
			

		


		

		   
		   Posted 
		   
			
			
				
				
			
		

	


	

    

	

		
		

			
Thanks for such an informative message Henry. I partly get whatever you said. But now ....what's next? Should I contact the hosting company and enquire them as to what is the correct directory for SSL? I've seen in some servers they have a separate directory for teh SSL called as HTTP.


			
		


		

		
	


	
    


	




					
					
					
				

					

					
					







	

	

	

		

			

				


	
		custodian
	

				
				
			

		

		

			

				


custodian
			

			

			    Posted 
				
			

		

	

	

		




	

		

			

				
    
					
					
					
					
					
				

			

			
    
				
  • 
					
					
      
						
						
                        
						
						
						
							
								
							
							
							
							
							
							
						
					
    
				
    • 
				
			

		


		

		   
		   Posted 
		   
			
			
				
				
			
		

	


	

    

	

		
		

			

Thanks for such an informative message Henry. I partly get whatever you said. But now ....what's next? Should I contact the hosting company and enquire them as to what is the correct directory for SSL? I've seen in some servers they have a separate directory for teh SSL called as HTTP.


 


Personally I would ask the following


 


A - What is the correct location for me to put the fies that I wish to use for secure https connections?


 


B - [note the S's in httpS] Why does https://www.worldofcds.com/ & https://secure83.websitewelcome.com/~tarheel/ go to different directories?


 


C - Which do they perfer for you to use https://www.worldofcds.com/ or https://secure83.websitewelcome.com/~tarheel/ for your secure linking.


 


 


I feel that if you can get away with it without any Secure SSL error windows popping up, I'd use the https://www.worldofcds.com/ so that the customer beleives they are still on your site. I usually do whatever I can to not have them leave (which is also why I dropped Paypal... but that's another story)


 


In my opinion You should be able to take ANY address of a domian


 


http://www.mydomain.com/blah blah blah


 


and change the http to https and it should work exactly the same, but securely.


 


Aditionally if I go to https://secure83.websitewelcome.com/~tarheel/ it takes me to an entirely differnet directory with different



			
		


		

		
			

	

		

		

			

My Contributions


 


Henry Smith


		

	


		
	


	
    


	




					
					
					
				

					

					
					







	

	

	

		

			

				


	
		osclover
	

				
				
			

		

		

			

				


osclover
			

			

			    Posted 
				
			

		

	

	

		




	

		

			

				
    
					
						
  • Author
    • 
					
					
					
					
					
				

			

			
    
				
  • 
					
					
      
						
						
                        
						
						
						
							
								
							
							
							
							
							
							
						
					
    
				
    • 
				
			

		


		

		   
		   Posted 
		   
			
			
				
				
			
		

	


	

    

	

		
		

			
My oscommerce files are in the public_html directory. There is also a directory called SSL in my ftp account. Would that help by any means? How should I modify my configure.php file in order to take advantage of the SSL directory...?


			
		


		

		
	


	
    


	




					
					
					
				

					

					
					







	

	

	

		

			

				


	
		osclover
	

				
				
			

		

		

			

				


osclover
			

			

			    Posted 
				
			

		

	

	

		




	

		

			

				
    
					
						
  • Author
    • 
					
					
					
					
					
				

			

			
    
				
  • 
					
					
      
						
						
                        
						
						
						
							
								
							
							
							
							
							
							
						
					
    
				
    • 
				
			

		


		

		   
		   Posted 
		   
			
			
				
				
			
		

	


	

    

	

		
		

			

I replaced the url 'https://secure83.websitewelcome.com/~tarheel' by 'https://www.worldofcds.com' in the configure.php but the problem remains the same. 


 


I guess its because the ssl certificate is not installed over my domain name. Am I right?



			
		


		

		
	


	
    


	




					
					
					
				

					

					
					







					
					
					
				
			
			



		

	


	
	
	
		

			
Archived

			

				This topic is now archived and is closed to further replies.
			

		

	
	
	

	







	

		
			
				Go to topic listing
			
		
	

	




						


                      

                  
                  	


					
					

				

			

			
		

		


	

		×
		

			
				

					
				

			

			

			

			
		

	






	

		×
		

			
    
				
  • Create New...
    •