Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Installing SSL....


osclover

Recommended Posts

I dont know how to setup SSL certificate for my domain name. I have installed oscommerce alraedy at my site but I came to know ssl cert is not setup is setup over my domain name probably. I've CPanel installed. How do i use it to setup SSL? Its a shared ssl cert.

 

 

For the SSL cert here is the path

https://secure83.websitewelcome.com/~tarheel

 

 

Their online help is at

http://support.hostgator.com/index.php?_m=...&pcid=9&nav=0,9

 

 

My site is hosted on a different domain name. Do I need to do sumthing with the PGP keys etc to setup the SSL? Thanks,

Link to comment
Share on other sites

I dont know how to setup SSL certificate for my domain name. I have installed oscommerce alraedy at my site but I came to know ssl cert is not setup is setup over my domain name probably. I've CPanel installed. How do i use it to setup SSL? Its a shared ssl cert.

For the SSL cert here is the path

https://secure83.websitewelcome.com/~tarheel

 

 

Their online help is at

http://support.hostgator.com/index.php?_m=...&pcid=9&nav=0,9

My site is hosted on a different domain name. Do I need to do sumthing with the PGP keys etc to setup the SSL? Thanks,

 

 

If you are using a shared cert provided by your hosting company all you need to do is edit your configure.php files with the secure path provided by them and set ssl to true.

The Knowledge Base is a wonderful thing.

Do you have a problem? Have you checked out Common Problems?

There are many very useful osC Contributions

Are you having trouble with a installed contribution? Have you checked out the support thread found Here

BACKUP BACKUP BACKUP!!! You did backup, right??

Link to comment
Share on other sites

I've modified the configure.php file. Below is how it looks like right now:

 

 

define('HTTP_SERVER', 'http://www.worldofcds.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://secure83.websitewelcome.com/~tarheel'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.worldofcds.com');

define('HTTPS_COOKIE_DOMAIN', 'secure83.websitewelcome.com/~tarheel');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

[code]

 

 

Is it the right way to do it?

Link to comment
Share on other sites

After modifying the configure.php file, when i visit my site I see that the 'Log in' page, 'My Account' page are not still being shown as http:// instead of the desired https:// . Where as when i put the mouse pointer at the Check Out link the link is shown as https:// but even that is not working properly because when i click on it i get an error. Picture of it is shown below.

 

ssl_error.jpg

 

 

When I click YES on this alert box I get an HTTP 404 Not Found error. If I clieck NO , nothing happens ...like i am not taken to a new page.

Link to comment
Share on other sites

Anyone? I'm really stuck with this SSL problem :(

 

You get these types of error from using self generate certs and from open source cert like CaCert. It's a valid cert, but most browsers don't recognize it by default. You need to get a cert with 99% or higher browser recognition. Personally unless your hosting company changes the cert they are using, I do not believe there is anything you can do to make that security message to go away.

My Contributions

 

Henry Smith

Link to comment
Share on other sites

Thanks Henry. I'll talk to the client about this. But what I'm concerned with right now is as to how to correctly direct the 3 links My acount, Login, and Checkout to the shared certificate. I think despite the error message shown, I should be able to connected to the My account, login pge and checkout page using the HTTPS:// link.

 

While my client changes the cert, i would still wnt to configure the SSL certificate correctly over the oscommerce site.

Link to comment
Share on other sites

I am aware of the fact that "installing" a shared ssl certificate over a domain name is the first step and "configuring" that installed shared ssl certificate over the oscommerce script is a totally separate step (and its step number two) . No one can cofigure SSL over oscommerce unless and untill the SSL certificated purchased is installed over the domain name. Am I right?

I guess the problem i am getting (404 errors after clickin on links leading to My Account, Check out and Login Pages) is because of the fact that my client has not yet installed the shared SSL certificated over his purchased domain. I'm not sure but thats the only explanation I have.

If I am right, I would like to know how can i verify whether my client has got the ssl certificate installed over his domain name or not? Secondly if its not installed, how can I get it installed? I've heard something about PGP keys but don't really get it.

Link to comment
Share on other sites

I am aware of the fact that "installing" a shared ssl certificate over a domain name is the first step and "configuring" that installed shared ssl certificate over the oscommerce script is a totally separate step (and its step number two) . No one can cofigure SSL over oscommerce unless and untill the SSL certificated purchased is installed over the domain name. Am I right?

I guess the problem i am getting (404 errors after clickin on links leading to My Account, Check out and Login Pages) is because of the fact that my client has not yet installed the shared SSL certificated over his purchased domain. I'm not sure but thats the only explanation I have.

If I am right, I would like to know how can i verify whether my client has got the ssl certificate installed over his domain name or not? Secondly if its not installed, how can I get it installed? I've heard something about PGP keys but don't really get it.

 

PGP has nothing to do with SSL certificate. You do need to have generated keys (public and private) for it to work, but PGP is something else entirely.

 

I'm not sure of you hosting service's setup, but I beleive they have your directory incorrect. On FreeBSD I can set the the virtual domain directory to one directory adn the https directory for the virtual domain to something else, though I usually keep them the same so that I can choose what I want to provide as secure and what I don't want to..

 

Anyway, I see te 404 eror you are talking about, BUT if I go to https://www.worldofcds.com/ the ISP's configuration (Nothing to do with oscommerce) should give me the same page, though securely as http://www.worldofcds.com/ - Instead https://www.worldofcds.com/ takes me to a directory with nothing in it. Since the directory has nothing in it, this would explain the 404 errors.

 

Aditionally if I go to https://secure83.websitewelcome.com/~tarheel/ it takes me to an entirely differnet directory with different contents.

 

Unless you hosting company has something out of wack, these should go to the same directory with the same contents

My Contributions

 

Henry Smith

Link to comment
Share on other sites

Thanks for such an informative message Henry. I partly get whatever you said. But now ....what's next? Should I contact the hosting company and enquire them as to what is the correct directory for SSL? I've seen in some servers they have a separate directory for teh SSL called as HTTP.

Link to comment
Share on other sites

Thanks for such an informative message Henry. I partly get whatever you said. But now ....what's next? Should I contact the hosting company and enquire them as to what is the correct directory for SSL? I've seen in some servers they have a separate directory for teh SSL called as HTTP.

 

Personally I would ask the following

 

A - What is the correct location for me to put the fies that I wish to use for secure https connections?

 

B - [note the S's in httpS] Why does https://www.worldofcds.com/ & https://secure83.websitewelcome.com/~tarheel/ go to different directories?

 

C - Which do they perfer for you to use https://www.worldofcds.com/ or https://secure83.websitewelcome.com/~tarheel/ for your secure linking.

 

 

I feel that if you can get away with it without any Secure SSL error windows popping up, I'd use the https://www.worldofcds.com/ so that the customer beleives they are still on your site. I usually do whatever I can to not have them leave (which is also why I dropped Paypal... but that's another story)

 

In my opinion You should be able to take ANY address of a domian

 

http://www.mydomain.com/blah blah blah

 

and change the http to https and it should work exactly the same, but securely.

 

Aditionally if I go to https://secure83.websitewelcome.com/~tarheel/ it takes me to an entirely differnet directory with different

My Contributions

 

Henry Smith

Link to comment
Share on other sites

My oscommerce files are in the public_html directory. There is also a directory called SSL in my ftp account. Would that help by any means? How should I modify my configure.php file in order to take advantage of the SSL directory...?

Link to comment
Share on other sites

I replaced the url 'https://secure83.websitewelcome.com/~tarheel' by 'https://www.worldofcds.com' in the configure.php but the problem remains the same.

 

I guess its because the ssl certificate is not installed over my domain name. Am I right?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...