smithveg Posted October 18, 2006 Posted October 18, 2006 Hello, I'm not sure whetever i should post this topic in this section or not. I had also do some forums surfing about the SSL, but i still can not find any helps. Ok, let me describe my situation, by the default, my oscommerce installatin is in the hosting site domain.com/public_html directory. I purchase the SSL, and just apply the SSL (https) in the checkout_shipping.php, checkout_payment.php, etc. After i had purchase the SSL certificate, I try to upload those checkout file into a directory /private_html/ Then, i have a demo purchase. I still cannot see any https in the URL. Then i asking helps from hosting site. They give me the answer as below. You have those pages located in the secure folder already. What you have to do now is to re-program or re-write your shopping cart software to point to the https instead of http for those files / pages that you want to be under the SSL part. Can someone helps me... smith **** Hello World! ^.^ I'm a Internet naive. Browse my working profile Malaysia Web Services - OPerion Website Marketing System
ashrafzia Posted October 18, 2006 Posted October 18, 2006 1- Open catalog/admin/includes/configure.php 2- Open catalog/includes/configure.php In both these files, change your links that u want.
smithveg Posted October 19, 2006 Author Posted October 19, 2006 1- Open catalog/admin/includes/configure.php2- Open catalog/includes/configure.php In both these files, change your links that u want. I'm not sure the thing i do is correct or not. But i can see the https when i login into 'customer account' and the 'checkout process'. The code below is in the configure.php, i just need someone to clarify whatever i do is correct or not, and is that really have the SSL apply in that pages. define('HTTP_SERVER', 'http://www.mypewter.com'); //no changes define('HTTPS_SERVER', 'https://www.mypewter.com/'); //change from '' to 'https://www.mypewter.com/' define('ENABLE_SSL', true); //change from false to true define('HTTP_COOKIE_DOMAIN', 'www.mypewter.com'); //no changes define('HTTP_MAIL_DOMAIN', 'mypewter.com'); //no changes Others i keep the same. Then in the hosting site. domain.com Before that, all the thing is run in public_html. Now, I uplaod some pages and directories into private_html (so, it have some duplicate pages in public_dir and private_dir) What am i do is correct or not? or you need my site to have a testing. www.mypewter.com Thanks **** Hello World! ^.^ I'm a Internet naive. Browse my working profile Malaysia Web Services - OPerion Website Marketing System
smithveg Posted October 19, 2006 Author Posted October 19, 2006 1- Open catalog/admin/includes/configure.php2- Open catalog/includes/configure.php In both these files, change your links that u want. I'm not sure the thing i do is correct or not. But i can see the https when i login into 'customer account' and the 'checkout process'. The code below is in the configure.php, i just need someone to clarify whatever i do is correct or not, and is that really have the SSL apply in that pages. define('HTTP_SERVER', 'http://www.mypewter.com'); //no changes define('HTTPS_SERVER', 'https://www.mypewter.com/'); //change from '' to 'https://www.mypewter.com/' define('ENABLE_SSL', true); //change from false to true define('HTTP_COOKIE_DOMAIN', 'www.mypewter.com'); //no changes define('HTTP_MAIL_DOMAIN', 'mypewter.com'); //no changes Others i keep the same. Then in the hosting site. domain.com Before that, all the thing is run in public_html. Now, I uplaod some pages and directories into private_html (so, it have some duplicate pages in public_dir and private_dir) What am i do is correct or not? or you need my site to have a testing. www.mypewter.com Thanks **** Hello World! ^.^ I'm a Internet naive. Browse my working profile Malaysia Web Services - OPerion Website Marketing System
Guest Posted October 19, 2006 Posted October 19, 2006 you have done everything correct. i went to your site and it is secure on login. if you made the correct changes to configure.php files then you are ok. you do not have to modify any other files.
smithveg Posted October 19, 2006 Author Posted October 19, 2006 you have done everything correct. i went to your site and it is secure on login. if you made the correct changes to configure.php files then you are ok. you do not have to modify any other files. Ok, let's move to admin, I had also make the changes to admin configure.php. I seems nothing happen when i login to admin pages. Why? Secondly, I do some test. I had really buy the SSL for mypewter.com For the second site which is pinkjambu.com, I did not buy the SSL certificate. But i just try to set the SSL to true, and do the same thing as the mypewter.com. I seems to have a real SSL in mypewter.com and have a fake SSL in pinkjambu.com But, I noticed that it also have the https features for pinkjambu.com Why? Why i did not buy SSL, but it still works. Thirdly, how can i verrify the SSL expired date, and how can i verify the whetever the SSL is valid or not. I do click the SSL at the bottom of web browser pages. And i read the information inside. But nothing special information there. Thank for the helps. **** Hello World! ^.^ I'm a Internet naive. Browse my working profile Malaysia Web Services - OPerion Website Marketing System
Guest Posted October 19, 2006 Posted October 19, 2006 Ok, let's move to admin, I had also make the changes to admin configure.php. I seems nothing happen when i login to admin pages. Why? Secondly, I do some test. I had really buy the SSL for mypewter.com For the second site which is pinkjambu.com, I did not buy the SSL certificate. But i just try to set the SSL to true, and do the same thing as the mypewter.com. I seems to have a real SSL in mypewter.com and have a fake SSL in pinkjambu.com But, I noticed that it also have the https features for pinkjambu.com Why? Why i did not buy SSL, but it still works. Thirdly, how can i verrify the SSL expired date, and how can i verify the whetever the SSL is valid or not. I do click the SSL at the bottom of web browser pages. And i read the information inside. But nothing special information there. Thank for the helps. when you login to admin, on the control panel bottom left corner is the lock on and it says secure? pinkjambu does not have a secure login and checkout. it may have the line to input in configure.php for https, but this does not mean you have a SSL for this site. i noticed on IExplorer your mypewter site contains non secure and secure items. it sent me a warning of this when i view it. This is probably due to your images not being secure. To verify the SSL simply click the padlock on the bottom right of your browser
Guest Posted October 19, 2006 Posted October 19, 2006 Others i keep the same. Then in the hosting site. domain.com Before that, all the thing is run in public_html. Now, I uplaod some pages and directories into private_html (so, it have some duplicate pages in public_dir and private_dir) What am i do is correct or not? or you need my site to have a testing. www.mypewter.com Thanks So what other files need to be put in the private folder?
smithveg Posted October 19, 2006 Author Posted October 19, 2006 pinkjambu does not have a secure login and checkout. it may have the line to input in configure.php for https, In pinkjambu.com This site haven't buy the SSL, but i try to do something as mypewter.com You can go and have a look, either in IE or FF, i can see the pop up message, What does it means. Is that secure? The pop-up message is 'you have secure and non-secure item i this page' While, in mypewter.com I also see this message when i use IE to browser it. But I had already buy the SSL for this. What to do now? **** Hello World! ^.^ I'm a Internet naive. Browse my working profile Malaysia Web Services - OPerion Website Marketing System
smithveg Posted October 19, 2006 Author Posted October 19, 2006 when you login to admin, on the control panel bottom left corner is the lock on and it says secure? Yes i see it had secure, the message as below, but it mention 'by an unknown secure SSL connection. You are protected by a unknown secure SSL connection. then, when i click either configuratio or anything in the admin. The SSL disappear. It seems the SSL only in the https://www.mypewter.com/admin/index.php Why? **** Hello World! ^.^ I'm a Internet naive. Browse my working profile Malaysia Web Services - OPerion Website Marketing System
smithveg Posted October 19, 2006 Author Posted October 19, 2006 So what other files need to be put in the private folder? I almost upload the whole system from public_dir to private_dir, such as ../includes/, ../admin/, and all the php file in root direcjava script:emoticon(':-"', 'smid_6') So confuse, it just duplicate the file. Or I can delete those file that is related to the https from public_dir. Confuse :-" **** Hello World! ^.^ I'm a Internet naive. Browse my working profile Malaysia Web Services - OPerion Website Marketing System
ed2006 Posted October 20, 2006 Posted October 20, 2006 Hi, I'm new to OSCommerce and SSL installation. II'm in the process of installing SSL and I've done a lot of reading on these forums including the following post which was very helpful SSL In OsCommerce Guide For The Innocent I understand from my reading that configuring the following config.php files is critical catalog/includes/configure.php admin/includes/configure.php However, one question keeps coming up in my mind which I simply have not seen answered. Once SSL is installed, you will have a public_html folder and a private_html folder. What files need to place in the private_html folder? OR does proper configuration of the config.php files for catalog and admin above sufficient in and of themselves to secure the site and allow it to run properly wherein SSL is turned on during checkout and login and admin areas?? I will greatly appreciate any guidance and clarity I can glean from your responses.
smithveg Posted October 23, 2006 Author Posted October 23, 2006 However, one question keeps coming up in my mind which I simply have not seen answered. Once SSL is installed, you will have a public_html folder and a private_html folder. What files need to place in the private_html folder? For me, i have a duplicate file, it means i uplaod the whole /includes/ and /admin/ and /images/ directory into private_html. This is what i done. Hope this help. **** Hello World! ^.^ I'm a Internet naive. Browse my working profile Malaysia Web Services - OPerion Website Marketing System
mousemedia Posted December 19, 2006 Posted December 19, 2006 I have a similar problem. I made those changes in configure.php but I get "Non-Secure/Secure Items" prompt in Internet Explorer. I guess there are non https:// links after I do a secure login. Is this normal? How do I fix this? How I do make the whole cart https:// ? I talked to my hosting company and they said the SSL is installed and working properly and that the whole cart needs to be coded correctly. www.modjolife.com/modjo_cart/ Thank you in advance! RM
Guest Posted December 19, 2006 Posted December 19, 2006 I use a shared ssl. Can some one tell me why my Images are not showing when I am in the secured area or page. Every thing else works fine. Here is my configure.php setup. // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://www.oneplaceonly.com/'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://secure.somehost.com/~somewhere/'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'www.oneplaceonly.com/'); define('HTTPS_COOKIE_DOMAIN', 'secure.somehost.com/~somewhere/'); define('HTTP_COOKIE_PATH', ''); define('HTTPS_COOKIE_PATH', ''); define('DIR_WS_HTTP_CATALOG', ''); define('DIR_WS_HTTPS_CATALOG', ''); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/'); define('DIR_FS_DOCUMENT_ROOT', '/home/somewhere/public_html/'); define('DIR_FS_CATALOG', '/home/somewhere/public_html/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.