worldheadja Posted March 22, 2006 Posted March 22, 2006 I Installed my OsCommerce Template recently and my SSL works but how do i get the small lock to show at the btton right corner of the browser window. Thanks for your help
custodian Posted March 22, 2006 Posted March 22, 2006 I Installed my OsCommerce Template recently and my SSL works but how do i get the small lock to show at the btton right corner of the browser window. Thanks for your help If the padlock isn't there, then the SSL ins't working Please post a link to your website My Contributions Henry Smith
worldheadja Posted March 22, 2006 Author Posted March 22, 2006 If the padlock isn't there, then the SSL ins't working Please post a link to your website Wow i though whenever the http:// changes to https:// i thought that was because of the SSL, sorry my bad. What happened was i installed the template before but i couldn't get the SSL it to work, because the SSL was setup after the first installation of my OsCommerce and because i couldn't get it to work. I decided to do a fresh installation and select the SSL options during the installation. If my SSL isn't active what do i have to do from here correct this? The link below is my site the http:// changes to htttps:// when products are selected and the customer goes into the checkout area. www.aventdesigns.com Thanks again for your assistance
custodian Posted March 22, 2006 Posted March 22, 2006 OK.. you have the SSL installed partially correct. When going to an https page the padlock shows in FireFox, but has a line through it; which indicated that it is only partially secure. The problem is that all of your images are being pulled from http and not https. Please post your configure.php file found in /catalog/includes/configure.php REMOVE DB name and password My Contributions Henry Smith
worldheadja Posted March 23, 2006 Author Posted March 23, 2006 Here is the config file from the includes folder <?php /* osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright © 2003 osCommerce Released under the GNU General Public License */ // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://www.aventdesigns.com'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://www.aventdesigns.com'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'www.aventdesigns.com'); define('HTTPS_COOKIE_DOMAIN', 'www.aventdesigns.com'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/'); define('DIR_FS_CATALOG', '/home/content/w/o/r/*********/html/'); define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); // define our database connection define('DB_SERVER', '*********'); // eg, localhost - should not be empty for productive servers define('DB_SERVER_USERNAME', '*******'); define('DB_SERVER_PASSWORD', '*********'); define('DB_DATABASE', '********'); define('USE_PCONNECT', 'false'); // use persistent connections? define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql' ?> Thanks You so much for assisting me
custodian Posted March 23, 2006 Posted March 23, 2006 That all looks correct to me. When did you install this? Did you install it? Once an SSL is installed, the web server should be restarted... was it? My Contributions Henry Smith
worldheadja Posted March 23, 2006 Author Posted March 23, 2006 That all looks correct to me. When did you install this? Did you install it? Once an SSL is installed, the web server should be restarted... was it? The SSL was setup over a month ago by my hosting company. I cant say if they restarted there server since then. Can u tell me what is actually missing here, why i am not seeing the padlock at the button of the window? Is it a problem that it switches to https:// only after you enter into the check out page?
custodian Posted March 23, 2006 Posted March 23, 2006 No.. it should switch only when entering the my account, check out pages etc... but it's being marked as only partially secure and that may scare some people away - as most people are unable to tell how or what is and isn't secure. They may not want to take a chance of it being their information that isn't secure. I'm at a loss currently - You configure.php matches mine to the T (less the directories). My Contributions Henry Smith
worldheadja Posted March 23, 2006 Author Posted March 23, 2006 No.. it should switch only when entering the my account, check out pages etc... but it's being marked as only partially secure and that may scare some people away - as most people are unable to tell how or what is and isn't secure. They may not want to take a chance of it being their information that isn't secure. I'm at a loss currently - You configure.php matches mine to the T (less the directories). Since i re-installed the new oscommerce i haven't created a sample account. I just did, while it was processing the customer info it switched to https:// but went back to http when it went back to the products but switched back to https:// when i was ready to check. This isn't secure enough? Does it have anytrhing to do with the products because they are still the demo products? Can you please if you have the time, create an account to see how it behaves maybe you will spot something i'm not seeing to tell you. Please. When you say its being marked as only partially secure, do you mean because it switches https:// without the padlock? Thanks again
Guest Posted March 23, 2006 Posted March 23, 2006 I was wondering if you ever found a solution to this problem, as I am experiencing it as well.
Guest Posted March 23, 2006 Posted March 23, 2006 its because the images aren't on the secure folder.
worldheadja Posted March 24, 2006 Author Posted March 24, 2006 its because the images aren't on the secure folder. When you said the images are not on the secure folder what do you mean,The product images? My SSL was puchased at my hosting company and is made out to www.aventdesigns.com shouldn't this mean that every folder on domain is secure? Is there anyway i can stop the message from comming up that tell my customers they are being forwarded to a none secure page after they have signed in or create an account? eg.. making that customer log-in none secure and allow only the checkout and beyond that secure? Thanks
Guest Posted March 24, 2006 Posted March 24, 2006 no not the product images in general all images, If you check the properties of an image in the secure page it still points to the http site. It should been https. So if you see separate folders for secure/non-secure with your ftp tool or host's cpanel you need to duplicate all images and pretty much all osc files. Now if you don't have separate folders could be either configuration or code that is different when it builds the image paths and has to be corrected. In that case check for changes in the catalog\includes\functions\html_output.php with the current code you have and the default osc file.
AlanR Posted March 24, 2006 Posted March 24, 2006 First off: Read these posts http://www.oscommerce.com/forums/index.php?sho...23entry672623 http://www.oscommerce.com/forums/index.php?sho...09entry748409 Then, after you manage to get a solid padlock upon visiting https://www.aventdesigns.com/create_account.php you can take the next steps. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)
Guest Posted March 24, 2006 Posted March 24, 2006 The first link did it for me [http://www.oscommerce.com/forums/index.php?sho...23entry672623] Commented out line 41 in the application_top.php and added: $request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL'; The line might not be the same for you so be sure to read the whole thing and hopefully it fixes your problem. If you're using GoDaddy, then that line will probably work for you.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.