Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

SSL error items are untrusted

sanchito75

By sanchito75
in General Support

Recommended Posts

sanchito75

sanchito75

Posted
Posted

:unsure:

Hi All,

I am hoping that someone can help me. I followed the intruction in the forums here for installing an SSL cert and changing the configure.php. I purchased my cert from go daddy and am running only this website on my server and share the SSL cert with no other website. Below is the my configure.php

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.storeplay.net'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.storeplay.net'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'http://www.storeplay.net');

define('HTTPS_COOKIE_DOMAIN', 'https://www.storeplay.net');

define('HTTP_COOKIE_PATH', 'http://www.storeplay.net');

define('HTTPS_COOKIE_PATH', 'https://www.storeplay.net');

define('DIR_WS_HTTP_CATALOG', '/oscommerce/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/oscommerce/catalog/');

define('DIR_WS_IMAGES', '/oscommerce/catalog/images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', dirname($HTTP_SERVER_VARS['SCRIPT_FILENAME']));

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

The issue I am having is that when you go to our website and click any of the links below the main storeplay.net website header such as home, and others you will receive an SSL error that refernces the site is not fully trusted as it contains some secure and non secure items. I spoke to my SSL vendors support dept and they said that I will receive this message as those link such as home reference others link that are http and not https therfore you can't apply an SSL cert to items on a page that are https and http. It has to be all HTTPS in order for the client nodes to fully trust the certs. I also noticed that since the I am having this issue that SSL padlock does not appear when clicking on a link that shows https. I am thinking that this will appear once I acheive one of the following below. So here is what I am trying to determine

 

1) When I modify and set ('ENABLE_SSL', true); how can I tell it to not make all links that are referenced by index.php to use SSL such as home page link, aboutus.php, contactus.php and others?

 

or

 

2) How can I tell other pages such as home or index.php, aboutus.php, and other php pages that do require SSL encryption to add https to any other link or url paths to items on that page link the home page link

 

Any help would be greatly appreciate

Jack_mcs

Jack_mcs

Posted
Posted

The problem is, as stated, one or more links on the page is not secure. The way to fix that is to find the code that is causing the problem and disable it for ssl by adding

if ($request_type == NONSSL) {

before it and 

}

after it. You may need to enclose those with php tags if the code is in an html section.

 

The above is the easy part. Finding the link(s) causig the problem can be difficult. If it happens on every page, then it has tobe in the header, columns or footer. Look for links to external pages. Also note that non-showing links can cause it like google analytics code. If you are able to, the easy way to find it is to temporairly remove the various parts. You can use a page that is not used often like contact us for testing so it doesn't disrupt your site much. Doing that should allow you to locate the problem area within minutes.

 

Jack

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

sanchito75

sanchito75

Posted
  • Author
Posted
The problem is, as stated, one or more links on the page is not secure. The way to fix that is to find the code that is causing the problem and disable it for ssl by adding
if ($request_type == NONSSL) {

before it and 

}

after it. You may need to enclose those with php tags if the code is in an html section.

 

The above is the easy part. Finding the link(s) causig the problem can be difficult. If it happens on every page, then it has tobe in the header, columns or footer. Look for links to external pages. Also note that non-showing links can cause it like google analytics code. If you are able to, the easy way to find it is to temporairly remove the various parts. You can use a page that is not used often like contact us for testing so it doesn't disrupt your site much. Doing that should allow you to locate the problem area within minutes.

 

Jack

 

 

many thanks jack :) Now I have a place to start and just have to find the needle(s) in the haystack causing the issue. Once I find those pages do I just need just insest the code above and insert it for the most part? Also can you tell me what specifc php tags I will need to put if the pages are html that I change. I am very very new to PHP and uderstand that very, very basics of html.

sanchito75

sanchito75

Posted
  • Author
Posted
many thanks jack :) Now I have a place to start and just have to find the needle(s) in the haystack causing the issue. Once I find those pages do I just need just insest the code above and insert it for the most part? Also can you tell me what specifc php tags I will need to put if the pages are html that I change. I am very very new to PHP and uderstand that very, very basics of html.

 

 

Well i found and even easier way to fix it. I am not sure if it is the righte way

to fix, but here is what i did. It tooks jacks answer and went into the header.php file and then seached in the header.php file for anything that said SSL. The example below is just a tiny part of the header.php

-------------------------------------

******example for shipping before change

tep_href_link(FILENAME_SHIPPING, '', 'SSL'); ?>" class="headerNavigation2"><?php echo HEADER_TITLE_SHIPPING;

 

---------------------------------------

 

Then all I did was change to from SSL to NONSSL like below and saved the .php file

-------------------------------------

 

******Example for shipping after change

 

tep_href_link(FILENAME_SHIPPING, '', 'NONSSL'); ?>" class="headerNavigation2"><?php echo HEADER_TITLE_SHIPPING;

 

Then I just to another machine on the network and tested the links that I changed and they did not display HTTPS in the URL and only used http.....Good news so far now I still have to find out how to change other parts of the code in the pages to use either all SSL or no SSL as using both still generates the message that you are about view items that are secure and nonsecure....

 

 

Anyone have any other ideas? Thanks again Jack I will still see if I can use your method also.

Jack_mcs

Jack_mcs

Posted
Posted

You don't want to do that since it will defeat the purpose of having an ssl in the first place. Besides, the links to the shop pages wouldn't be causing the problem. It is a link to an external page that is doing it. You could try searching the files for http://www.

 

Jack

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

sanchito75

sanchito75

Posted
  • Author
Posted
You don't want to do that since it will defeat the purpose of having an ssl in the first place. Besides, the links to the shop pages wouldn't be causing the problem. It is a link to an external page that is doing it. You could try searching the files for http://www.

 

Jack

HI Jack,

thanks for posting agin. I dont have any links to external pages or other websites just links only to my own website. I understand what you are saying above. The lines in the code that I changed have no need to be SSL encryptesd as they are just informative pages that have no personal or private information to be encrypted. So with just that in mind and nothing else is what I did in the header.php ok only for those links that don't need SSL or could I run into a technical issue later?

 

The other links links like my account, cart contents, and checkout are the ones where I should focus on finding what inside those pages are referencing http and both https so that I can make them all https. Does that sound correct to you?

 

Sorry to ask so many questions and thanks for your help!!!!!!!! :)

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...