Stealth1 Posted July 2, 2006 Posted July 2, 2006 I am having a bit of a problem with SSL on my site and im hoping someone can shed some light on it. I have searched but couldnt find anything relevant to my issue exactly. I have used the "knowledge base" info on ssl to what i think is properly setup my site with SSL and have gotten a certificate from my hosting company so im unsure why im not getting anything indicating SSL is working. When i setup the cert. it didnt give me any different web page addresses to input for secure vs. non-secure pages for my site. Now when im on my page there is no indication of SSL being active and when i change http to https a box pops up saying something about the cert. registered to my server name and not the domain name and then you can click "ok" or "cancel" and when i click ok it goes to a 404 page saying "The requested URL /osc/ was not found on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. " Now what im wondering is if its necessary for any files to be put into the ssl folder on my server or not? I havent moved anything and the regular site works perfect so im unsure why ssl isnt working properly. u can check out the site at www.tougetuning.com/osc and let me know if u find anything.
♥Vger Posted July 2, 2006 Posted July 2, 2006 Your ssl cert is a shared cert provided by your hosting company - and it's address is server5.hostingplex.com. You have probably set your site up to use a full ssl cert with the address https://www.yourdomain.com Vger
Stealth1 Posted July 2, 2006 Author Posted July 2, 2006 Your ssl cert is a shared cert provided by your hosting company - and it's address is server5.hostingplex.com. You have probably set your site up to use a full ssl cert with the address https://www.yourdomain.com Vger yes thats exactly what ive done, what changes do i need to make to get this to work or this there a thread or info on this that would guide me through the process?
Stealth1 Posted July 2, 2006 Author Posted July 2, 2006 how should this be setup if the secure server is server5.hostingplex.com (i believe thats what it is?) and the store is www.tougetuning.com/osc. define('HTTPS_SERVER', 'https://????'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTPS_COOKIE_DOMAIN', '???????'); define('HTTPS_COOKIE_PATH', '/'); define('DIR_WS_HTTPS_CATALOG', '/osc/');
♥Vger Posted July 2, 2006 Posted July 2, 2006 define('HTTPS_SERVER', 'https://server5.hostingplex.com/toughtuning.com); define('ENABLE_SSL', true); define('HTTPS_COOKIE_DOMAIN', 'server5.hostingplex.com/toughtuning.com'); define('HTTPS_COOKIE_PATH', '/osc'); define('DIR_WS_HTTPS_CATALOG', '/osc/'); Try those settings - and if your host uses a two folder system, one for http docs and another for httpsdocs then you'll have to duplicate your folders/files in the httpsdocs folder. Vger
Stealth1 Posted July 3, 2006 Author Posted July 3, 2006 I input those changes and i still see no lock at the bottom when navigating and when changing http to https the box comes up with the first two checked and the third it says the certificate may not match the name of the site. Not sure what im doing wrong but im willing to try and do stuff.
Stealth1 Posted July 5, 2006 Author Posted July 5, 2006 define('HTTPS_SERVER', 'https://server5.hostingplex.com/toughtuning.com);define('ENABLE_SSL', true); define('HTTPS_COOKIE_DOMAIN', 'server5.hostingplex.com/toughtuning.com'); define('HTTPS_COOKIE_PATH', '/osc'); define('DIR_WS_HTTPS_CATALOG', '/osc/'); Try those settings - and if your host uses a two folder system, one for http docs and another for httpsdocs then you'll have to duplicate your folders/files in the httpsdocs folder. Vger I copied the entire catalog directory to the ssl folder on my server and i still dont see any lock boxes or anything. Any other ideas why it isnt working?
♥Vger Posted July 5, 2006 Posted July 5, 2006 You need to check with your hosting company what the shared ssl pathway for your store is. Vger
Stealth1 Posted July 6, 2006 Author Posted July 6, 2006 You need to check with your hosting company what the shared ssl pathway for your store is. Vger Ok I contacted my hosting company and they replied saying in order to have a working ssl certificate I need a dedicated IP which is another $30 a year? Is this a bunch of crap or are they telling the truth because that sounds kinda dumb to me that I have a hosting account setup with them and now to setup an ssl certificate properly i need to pay another $30?
Dale S Posted July 6, 2006 Posted July 6, 2006 Ok I contacted my hosting company and they replied saying in order to have a working ssl certificate I need a dedicated IP which is another $30 a year? Is this a bunch of crap or are they telling the truth because that sounds kinda dumb to me that I have a hosting account setup with them and now to setup an ssl certificate properly i need to pay another $30? You'll need to check the contract with them. Some companies include SSL with your service. If you look closely you may find it specifies shared SSL which is pretty will worthless (in my opinion) To get SSL in your own name you are looking at the cost of the certificate (which ranges from about $30 to $500) plus the cost of the dedicated IP address (yes, it is required). Unless you plan to have sales in the hundreds of thousands of $$ the low cost certificate will work fine. I don't know what you are paying for your hosting but for example we charge about $100 per year for hosting and if you want SSL we add an additional $50. That covers the IP address, the certificate, and install of the certificate. I don't think we are the cheapest and I know we are not the most expensive. You just gave the price for the IP so I wanted to let you know to figure the total costs. The additional IP is just part of it.
Stealth1 Posted July 6, 2006 Author Posted July 6, 2006 I think paid $110US for 2-years hosting with a free domain, in my cpanel i have setup an ssl certificate. Is that not the same thing? So is $30 a decent price for setting up a dedicated IP for 1year and is it really worth it? This is a small business and im trying to keep costs to a minimum.
♥Vger Posted July 6, 2006 Posted July 6, 2006 Any SSL cert you 'set up' in your hosting control panel (e.g. you didn't go out and buy it), is worthless. It is what is called a 'self signed' certificate, and is 'Not Trusted' because it is both Issued To and Issued By your website. For a cert to be 'Trusted' it has to be Issued To your website but Issued By a Trusted Provider of SSL certs like GeoTrust, Thawte, VeriSign etc. $30 dollars a year is a fair price for a dedicated ip address, but then you need to add the cost of the full ssl cert on top of that. I am surprised that your hosts don't provide a shared ssl facility though, as it does appear to exist. A 'Trusted' shared ssl is fine, but undoubtedly your own full ssl cert is better for customer trust. Vger
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.