Guest Posted October 10, 2006 Posted October 10, 2006 Recently installed OSCommerce. Pay Pal is our payment Gateway. In my first tests, we noticed that the only pages that are secure are the Pay Pal Payment pages. We would like the *My Account Information* pages and the rest of the check out process pages to be secure as well. We don't want customers to feel that they are entering any personal information without it being secure. Does anyone know how we should go about this? Thank you, CFC
Guest Posted October 11, 2006 Posted October 11, 2006 My first question is: Who installed the SSL certificate, you or your webhost? All pages, including My Account, should be in secure mode. Any pages that require login or simply an exchange of data between buyer and seller should be in secure mode. If your webhost installed the cert for you....did you make the necessary changes to your config files to get the certificate working properly after they installed it? Once the SSL certificate is installed, you must edit and make changes to both Catalog > Includes > configure.php and Catalog > Admin > Includes >configure.php Basically, all you're doing is changing SSL = False to True. Have you done that yet?
Guest Posted October 11, 2006 Posted October 11, 2006 This is what I get for posting late at night. LOL. HAVE you installed a SSL certificate? Otherwise, you have no security whatsoever on your site, in any pages other than when the customer trips on over to pay via PayPal.
Guest Posted October 11, 2006 Posted October 11, 2006 This is what I get for posting late at night. LOL. HAVE you installed a SSL certificate? Otherwise, you have no security whatsoever on your site, in any pages other than when the customer trips on over to pay via PayPal.
Guest Posted October 11, 2006 Posted October 11, 2006 This is what I get for posting late at night. LOL. HAVE you installed a SSL certificate? Otherwise, you have no security whatsoever on your site, in any pages other than when the customer trips on over to pay via PayPal. Yes - We purchased an SSL Certificate through our Hosting Service. The SSL Certificate is by GEO Trust Our Hosting service is Atlantic.Net - our site is currently hosted on their shared linux server, Atlantic.net installed the SSL Certificate. A few days ago I asked them to check it and they confirmed that it is installed correctly.
Guest Posted October 11, 2006 Posted October 11, 2006 My first question is: Who installed the SSL certificate, you or your webhost? All pages, including My Account, should be in secure mode. Any pages that require login or simply an exchange of data between buyer and seller should be in secure mode. If your webhost installed the cert for you....did you make the necessary changes to your config files to get the certificate working properly after they installed it? Once the SSL certificate is installed, you must edit and make changes to both Catalog > Includes > configure.php and Catalog > Admin > Includes >configure.php Basically, all you're doing is changing SSL = False to True. Have you done that yet? Yes - We purchased an SSL Certificate through our Hosting Service. The SSL Certificate is by GEO Trust Our Hosting service is Atlantic.Net - our site is currently hosted on their shared linux server, Atlantic.net installed the SSL Certificate. A few days ago I asked them to check it and they confirmed that it is installed correctly. I have changed the SSL from False to True on the 2 configure.php's - am I missing other locations that need to be changed?
Guest Posted October 11, 2006 Posted October 11, 2006 Thank you for trying to help - I renamed my OSCommerce file on my server and uploaded a new one. The new version gives me the secure pages starting with the *Welcome, Please Sign In* page. Best, CFC :rolleyes:
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.