Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SSL Problems: getenv('HTTPS') returns nothing


rwgomez

Recommended Posts

I've gotten my client's ISP (tds.net) to install the client's Comodo SSL certificate, and it works when I access a simple, text-only HTML page, but, in OsCommerce, the images are not being sent from the secure URL, causing a broken lock to appear in the browser. Basically, OsCommerce's PHP doesn't seem to be able to detect https.

 

I've tried the myenv.php example offered in this post. And it returns the exact same response regardless of whether I access the file from http or https. See for yourself here:

 

http://www.mmoca.org/catalog/myenv.php

https://www.mmoca.org/catalog/myenv.php

 

The ISP's response was the following:

 

As for the myenv.php, it is working correctly, believe it or not. The reason is that the server never sees if you are using SSL or not b/c the SSL is terminated ahead of the server (i.e. the SSL is off-loaded to a device in front of the server so that the server does not need to do SSL itself). Thus, PHP will always believe you're connecting to port 80 (i.e. http), whether you use http or https.

 

My solution has been to disable the check for SSL in application_top.php to make it assume you always have an SSL connection. ALso, I changed the non-ssl server info in the config.php to the https URL. Finally, I added a quick javascript redirect just in case someone hits an "http:" url.

 

Firstly, is this a decent comprimise or will there be issues I am not aware of? And also is the ISP's response normal, or do you think they might have something set up wrong?

 

Secondly, given the weird SSL setup, is there any PHP check I can use in lieu of getenv('https')?

 

Any help would be fantastic. I am a PHP noob of the first order.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...