stephvand Posted March 14, 2006 Posted March 14, 2006 Hey folks. I originally installed OSC quite a while ago, opting NOT to check the SSL box upon install because I didn't have an SSL cert at the time. I've just gotten one, and am trying to secure my site. I've edited includes/configure.php as follows: / Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://www.fborfw.com'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://www.fborfw.com'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'www.fborfw.com'); define('HTTPS_COOKIE_DOMAIN', 'www.fborfw.com'); define('HTTP_COOKIE_PATH', '/store/catalog/'); define('HTTPS_COOKIE_PATH', '/store/catalog/'); define('DIR_WS_HTTP_CATALOG', '/store/catalog/'); define('DIR_WS_HTTPS_CATALOG', '/store/catalog/'); and admin/includes/configure.php like so: define('HTTP_SERVER', 'http://www.fborfw.com'); // eg, http://localhost - should not be empty for productive servers define('HTTP_CATALOG_SERVER', 'http://www.fborfw.com'); define('HTTPS_CATALOG_SERVER', 'https://www.fborfw.com'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module define('DIR_FS_DOCUMENT_ROOT', '/var/www/www.fborfw.com/html/store/catalog/'); // where the pages are located on the server define('DIR_WS_ADMIN', '/store/catalog/admin/'); // absolute path required When I upload these, I get 404s when trying to access the Account and Checkout pages. I know the SSL cert is enabled...am I missing a step? Do I need to move or copy the store someplace? I keep coming across mentions of having two copies of the store files - one secure and one non-secure. OSC's on a dedicated server and I have my own SSL cert, purchased for domain www.fborfw.com. Any ideas? Thanks.
AlanR Posted March 14, 2006 Posted March 14, 2006 You may be on a server which has a second folder for "secure" pages. Is it a Plesk system? Since it's a dedicated server it's easy to change this and avoid all the hassles of maintaining two copies of the store. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)
♥Vger Posted March 14, 2006 Posted March 14, 2006 Well the cert is fine, so it looks as though Alan is pointing you in the right direction. Vger
stephvand Posted March 14, 2006 Author Posted March 14, 2006 Actually, the problem was with the document roots for the two hosts. Here's what my hosting provider told me: The ssl virtualhost for [domain] had a different DocumentRoot than the non ssl virtual host. I modified the following line in /etc/httpd/conf.d/ssl.conf and they both work properly now. DocumentRoot "/var/www/www[domain].com/html" Hope this helps someone else!
Recommended Posts
Archived
This topic is now archived and is closed to further replies.