Guest Posted July 29, 2006 Share Posted July 29, 2006 I recently purchased the Turbo SSL from GoDaddy and when I went to install it I think I got it figured out when I go ahead and test it with firefox the broken padlock shows up signifying an insecure connection. How can I fix this? Also, when I am in the admin section just using the http:// there is no padlock and when i go in https:// there is a regular secure one. What gives? Did I mess something up? Thanks for any help. EDIT: I forgot, when I look in the bottom left corner of the Admin section there is still the message saying that I am not protected by SSL encryption. Link to comment Share on other sites More sharing options...
bill110 Posted July 29, 2006 Share Posted July 29, 2006 I recently purchased the Turbo SSL from GoDaddy and when I went to install it I think I got it figured out when I go ahead and test it with firefox the broken padlock shows up signifying an insecure connection. How can I fix this? Also, when I am in the admin section just using the http:// there is no padlock and when i go in https:// there is a regular secure one. What gives? Did I mess something up? Thanks for any help. EDIT: I forgot, when I look in the bottom left corner of the Admin section there is still the message saying that I am not protected by SSL encryption. Had the same problem. check this contribution out. http://www.oscommerce.com/community/contri...ch,secure+admin My Contributions Stylesheet With Descriptions Glassy Grey Boxtops Our Products Meta Tags On The Fly Password Protect Admin "No matter where you go....There you are" - Buccaroo Bonsai Link to comment Share on other sites More sharing options...
Guest Posted July 29, 2006 Share Posted July 29, 2006 Thanks, but the regular main catalog still is showing a partially encrpyted certificate. Is this a certificate problem or is it something to do with my coding and server? Link to comment Share on other sites More sharing options...
stevel Posted July 30, 2006 Share Posted July 30, 2006 It's probably your coding. Typically an image or a Flash object is being referred to with a hard-coded http URL rather than using tep_image to get the location. In Firefox, select Tools..Page Info..Media while viewing an https page. Look for any references that aren't https. Steve Contributions: Country-State Selector Login Page a la Amazon Protection of Configuration Updated spiders.txt Embed Links with SID in Description Link to comment Share on other sites More sharing options...
Guest Posted July 30, 2006 Share Posted July 30, 2006 When I did that every single image is being shown as http:// including all the oscommerce images. I do have my banner that I have just saved on my server, could this be it? Link to comment Share on other sites More sharing options...
stevel Posted July 30, 2006 Share Posted July 30, 2006 Did you do this while viewing an https page? That's when it matters. If so, then the test in includes/application_top.php which sets $request_type is not getting the correct result. Upload this as a PHP file to your server and open it using an https URL. <? print_r ($_ENV); ?> Compare the values shown against the test done in application_top. Depending on your web host, you may need to test a different variable such as HTTP_X_FORWARDED_SERVER. The banner could definitely be a problem - they often are. Steve Contributions: Country-State Selector Login Page a la Amazon Protection of Configuration Updated spiders.txt Embed Links with SID in Description Link to comment Share on other sites More sharing options...
Guest Posted July 30, 2006 Share Posted July 30, 2006 Thanks for the tips. I tried them and I think I have found out that the application_top.php file is bad. When I try to use the https version it gives me errors. Warning: main(includes/configure.php): failed to open stream: No such file or directory in /home/content/s/c/o/scootercentral/html/shop/includes/application_top.php on line 29 Then when I just remove that section of code it comes back saying that lines 52, 54, and 61 are also unable to be found. But yet I do have those files on my server. Should I recreate those files? Link to comment Share on other sites More sharing options...
stevel Posted July 30, 2006 Share Posted July 30, 2006 Some web hosts make you upload a separate copy of your files for SSL content. You do need application_top.php there, so you had better find out why it isn't there (which is what it is complaining about.) Steve Contributions: Country-State Selector Login Page a la Amazon Protection of Configuration Updated spiders.txt Embed Links with SID in Description Link to comment Share on other sites More sharing options...
Guest Posted July 30, 2006 Share Posted July 30, 2006 I'm using GoDaddy if that helps you in terms of a solution. Link to comment Share on other sites More sharing options...
♥Vger Posted July 30, 2006 Share Posted July 30, 2006 You are best using the Google toolbar whilst on this site and doing a search for GoDaddy, selecting 'Current Site' as your search option. You'll get lots of hits which may help to resolve your problem. As a general point the GoDaddy Turbo SSL cert works fine on osCommerce websites - unless they happen to also be hosted by GoDaddy. Vger Link to comment Share on other sites More sharing options...
stevel Posted July 30, 2006 Share Posted July 30, 2006 Doesn't help me as I don't know what GoDaddy needs, but looking again at the path shown it suggests they don't require separate uploads. So go look on the server to see if application_top.php is where it's supposed to be. Steve Contributions: Country-State Selector Login Page a la Amazon Protection of Configuration Updated spiders.txt Embed Links with SID in Description Link to comment Share on other sites More sharing options...
Guest Posted July 30, 2006 Share Posted July 30, 2006 I have the two application_top.php files in /includes/ and then in /admin/includes/ I think thats where they should be. Link to comment Share on other sites More sharing options...
stevel Posted July 30, 2006 Share Posted July 30, 2006 Yes, but the path being looked for is /home/content/s/c/o/scootercentral/html/shop/includes/application_top.php. Assuming that your store is installed under /shop that seems reasonable, but is it? Perhaps you have the DIR_FS_CATALOG define incorrect? Steve Contributions: Country-State Selector Login Page a la Amazon Protection of Configuration Updated spiders.txt Embed Links with SID in Description Link to comment Share on other sites More sharing options...
Guest Posted July 30, 2006 Share Posted July 30, 2006 I really do appreciate the help Steve and here's what the DIR_FS_CATALOG is defined as. define('DIR_FS_CATALOG', '/home/content/s/c/o/scootercentral/html/shop/'); Link to comment Share on other sites More sharing options...
Guest Posted July 30, 2006 Share Posted July 30, 2006 I have a new thing that I noticed. If I change the coding in /includes/configure.php from: define('HTTP_SERVER', 'http://www.thescootercentral.com'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://www.thescootercentral.com'); // eg, https://localhost - should not be empty for productive servers to define('HTTP_SERVER', 'https://www.thescootercentral.com'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://www.thescootercentral.com'); // eg, https://localhost - should not be empty for productive servers where both servers are defined as the https everything works perfectly. But I dont want everysingle page to be encrypted just the required ones for oscommerce. Link to comment Share on other sites More sharing options...
stevel Posted July 30, 2006 Share Posted July 30, 2006 Well, now I'm confused. You said you were getting a PHP script error on your https side, but evidently not. That said, I visited your store and it seems to al be working correctly - http pages are fine and so are the https pages. What's the problem? Steve Contributions: Country-State Selector Login Page a la Amazon Protection of Configuration Updated spiders.txt Embed Links with SID in Description Link to comment Share on other sites More sharing options...
Guest Posted July 30, 2006 Share Posted July 30, 2006 I was getting the error only when I was going to http://www.thescootercentral.com/shop/incl...ication_top.php. But I made it so that you can view the entire site in HTTPS just a few minutes ago. The main problem I was having is that when you go to log-in to your account it gives me a partially encrypted page instead of full encryption. So then I was trying to fix that. Link to comment Share on other sites More sharing options...
stevel Posted July 30, 2006 Share Posted July 30, 2006 You should not be trying to open application_top.php in a web browser. It's not intended for that, and in fact a .htaccess file in the includes folder should make it impossible to reference that. I didn't see a partially encrypted page when I tried your site earlier. Everything looked fine. Do you still have a problem? Steve Contributions: Country-State Selector Login Page a la Amazon Protection of Configuration Updated spiders.txt Embed Links with SID in Description Link to comment Share on other sites More sharing options...
Guest Posted July 31, 2006 Share Posted July 31, 2006 If you check again and try to login you will see that the bpage is partially encrypted. The reason it seemed fine earlier is that I had made it so that the HTTP server was defined as the HTTPS server as well. Link to comment Share on other sites More sharing options...
stevel Posted July 31, 2006 Share Posted July 31, 2006 Actually, when I tried it before it seemed to be just fine. Your problem now is the determination of $request_type as I described earlier. It is returning NONSSL even on an SSL page. I'll also comment that a Flash splash page will make it much harder for search engines to index your site. Steve Contributions: Country-State Selector Login Page a la Amazon Protection of Configuration Updated spiders.txt Embed Links with SID in Description Link to comment Share on other sites More sharing options...
Guest Posted July 31, 2006 Share Posted July 31, 2006 Ok so the problem is with the $request_type? How can I fix that? And as far as the opening page being flash do you think I should change that or just put one of the META tag contributions on? Link to comment Share on other sites More sharing options...
stevel Posted July 31, 2006 Share Posted July 31, 2006 See the suggestion I made in post 6. My opinion is that the splash page should be removed and your store's content moved into the top level of the site. A splash page is a barrier between you and your customers. Steve Contributions: Country-State Selector Login Page a la Amazon Protection of Configuration Updated spiders.txt Embed Links with SID in Description Link to comment Share on other sites More sharing options...
Guest Posted July 31, 2006 Share Posted July 31, 2006 But what do I need to change? Link to comment Share on other sites More sharing options...
stevel Posted July 31, 2006 Share Posted July 31, 2006 You won't know until you do the test I suggested. Upload that PHP line as a PHP file to your site and open it in the browser with an https URL. Then post the results. Steve Contributions: Country-State Selector Login Page a la Amazon Protection of Configuration Updated spiders.txt Embed Links with SID in Description Link to comment Share on other sites More sharing options...
Guest Posted August 1, 2006 Share Posted August 1, 2006 Array ( [SCRIPT_NAME] => /testing.php [PATH_TRANSLATED] => /home/content/s/c/o/scootercentral/html/testing.php [SCRIPT_FILENAME] => /cgi-bin/php [DOCUMENT_ROOT] => /home/content/s/c/o/scootercentral/html [HTTP_ACCEPT] => text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 [HTTP_ACCEPT_CHARSET] => ISO-8859-1,utf-8;q=0.7,*;q=0.7 [HTTP_ACCEPT_ENCODING] => gzip,deflate [HTTP_ACCEPT_LANGUAGE] => en-us,en;q=0.5 [HTTP_CONNECTION] => keep-alive [HTTP_COOKIE] => phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22userid%22%3Bi%3A-1%3B%7D [HTTP_HOST] => www.thescootercentral.com [HTTP_KEEP_ALIVE] => 300 [HTTP_USER_AGENT] => Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.5) Gecko/20060719 Firefox/1.5.0.5 [REMOTE_ADDR] => 24.254.94.169 [REMOTE_PORT] => 2918 [SCRIPT_URI] => http://www.thescootercentral.com/testing.php [SCRIPT_URL] => /testing.php [SERVER_ADMIN] => [email protected] [SERVER_NAME] => www.thescootercentral.com [SERVER_PORT] => 80 [SERVER_SOFTWARE] => Apache [GATEWAY_INTERFACE] => CGI/1.1 [SERVER_PROTOCOL] => HTTP/1.1 [REQUEST_METHOD] => GET [QUERY_STRING] => [REQUEST_URI] => /testing.php [PATH_INFO] => /testing.php [PATH] => /bin:/usr/bin:/usr/local/bin ) Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.