Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SSL Questions, Questions, Questions


erniethemilk

Recommended Posts

Posted

I have to admit my skills with OS Commerce are somewhat limited, and to get where I have got so far are by luck more than ability, and one or two people on here that have helped me very patiently :thumbsup:

 

I have now reached the stage where I am to put an SSL certificate on to my site, and asked my provider for this - seemingly the easiest (albeit likely to be the most costly) route. An order button or two was pressed, and it now tells me my domain sits with SSL... Problem is I'm not sure what next to do. If I look at my site it comes up normally via http, and if I look at it via https it comes up and tells me wonderful things such as I have a certificate.... and a couple of little equifax symbols in my browser bar at the bottom and the browser window at the top (where the address is)

 

However I guess I need to tell the world this, and I'm not sure how I do this :blink:

 

My e-mails have gone quiet from both my provider and the SSL provider and there is nothing else on my providers pages to tell me its all sorted other than the little words on my manage domain page.....

 

So, where should I begin....

 

Many thanks

Posted

I think you are saying you have a certificate installed but don't know how to enable it for the shop. If that is so, then you need to edit your includes/configure.php file. Set the enable ssl to true and enter your secure url where it says define('HTTPS_SERVER', ''); and enter your domain name where it says define('HTTPS_COOKIE_DOMAIN', '');

 

Jack

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

Posted

Thanks for the info Jack, I've tried that and it doesn't do anything -

 

I can type in the https address and it'll re-direct to the site, but it doesn't go there automatically...

 

Anyone any ideas?

Posted

It should be redirecting anywhere unless you are on one of the checkout pages. Is that what you mean? If you go to https://yourdomani.com, does the page display with the ssl lock showing?

 

Jack

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

Posted
It shold go to https if you go to login page. If it does the it's working ok. No need for ssl on main page because no sensitive content.

 

But it doesn't tho :(

 

And technically shouldn't it so when the customer logs on he sees that its an SSL coded site for peace of mind for him?

Posted

post your catalog/includes/configure.php file (remove sensitive database details first)

  • 3 weeks later...
Posted

Okay just to make sure I am reading this right:

 

You go to your site (http://www.yourdomain.com) and in the address bar you see http://www.yourdomain.com

 

Now you go to login and you see https://www.yourdomain.com in the address bar and the little padlock icon at the bottom of the browser window.

 

Once you login you go to the homepage and you see http://www.yourdomain.com again.

 

If this is what you are seeing then everything is working properly. SSL is only enabled on pages where information that needs to be secured is located (i.e. login, the checkout process, account info). Other then that you will only see http in the address bar no matter whether you are logged in or not.

 

Can you post your URL or your configure.php file? If you post the configure.php remove all database info (i.e. username, password) or any other sensitive info you may have in there.

Posted
Okay just to make sure I am reading this right:

 

You go to your site (http://www.yourdomain.com) and in the address bar you see http://www.yourdomain.com

 

Now you go to login and you see https://www.yourdomain.com in the address bar and the little padlock icon at the bottom of the browser window.

 

No, When you login, you remain at http://

 

Here is the URL and copy of config file, de-sensitized :)

 

The url is www.slotbox.co.uk

 

<?php

/*

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2003 osCommerce

 

Released under the GNU General Public License

*/

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.slotbox.co.uk'); // eg, http://localhost - should not be empty for productive servers

define('HTTP_CATALOG_SERVER', 'http://www.slotbox.co.uk');

define('HTTPS_CATALOG_SERVER', 'https://www.slotbox.co.uk');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

define('DIR_FS_DOCUMENT_ROOT', '; // where the pages are located on the server

define('DIR_WS_ADMIN', '/admin/'); // absolute path required

define('DIR_FS_ADMIN', ''); // absolute pate required

define('DIR_WS_CATALOG', '/'); // absolute path required

define('DIR_FS_CATALOG', ''); // absolute path required

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');

define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');

define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

 

// define our database connection

define('DB_SERVER', ''); // eg, localhost - should not be empty for productive servers

define('DB_SERVER_USERNAME', '');

define('DB_SERVER_PASSWORD', '');

define('DB_DATABASE', '');

define('USE_PCONNECT', ''); // use persisstent connections?

define('STORE_SESSIONS', ''); // leave empty '' for default handler or set to 'mysql'

?>

Posted

Sorry.....

 

If I add this in I then get error messages on my shop :(

 

 

<?php

/*

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2003 osCommerce

 

Released under the GNU General Public License

*/

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.slotbox.co.uk'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.slotbox.co.uk'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.slotbox.co.uk');

define('HTTPS_COOKIE_DOMAIN', 'www.slotbox.co.uk');

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '/catalog/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

// define our database connection

define('DB_SERVER', ''); // eg, localhost - should not be empty for productive servers

define('DB_SERVER_USERNAME', '');

define('DB_SERVER_PASSWORD', '');

define('DB_DATABASE', '');

define('USE_PCONNECT', 'false'); // use persistent connections?

define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

?>

Posted

What do you mean if you add this in you get problems? That is the problem :)... You need this file in order for osCommerce to work properly. Can you be more specific as to the errors you are seeing?

 

In just an initial look there are a couple things.

 

First:

 

define('HTTP_COOKIE_PATH', '/catalog/');
define('HTTPS_COOKIE_PATH', '/catalog/');
define('DIR_WS_HTTP_CATALOG', '/');
define('DIR_WS_HTTPS_CATALOG', '/');

 

should be:

 

define('HTTP_COOKIE_PATH', '/');
define('HTTPS_COOKIE_PATH', '/');
define('DIR_WS_HTTP_CATALOG', '/');
define('DIR_WS_HTTPS_CATALOG', '/');

 

Also, not sure if you removed this or not for posting but the line:

 

 define('DIR_FS_CATALOG', '');

 

should have something in it.

Posted

Sorry this does have something in it, I took it out for security purposes....

 

CODE

define('DIR_FS_CATALOG', '');

 

I have changed the cookie paths and directory paths as you suggest, and now get this when logging in to an account...

 

http://www.slotbox.co.uk/https//www.slotbox.co.uk/login.php

 

I can still log in on the normal http domain, this only happens when I go to 'sign in'

 

:)

 

Normally, I get the site go down and error messages come up :)

Posted

It appears the problem isn't with your configure.php file. You have a typo or something in your code somewhere. Did you edit the includes/languages/english/index.php file by chance? Also, when you create links are using the tep_href_link function to build the link or hardcoding them?

 

Can you post your includes/languages/english/index.php file?

Posted
It appears the problem isn't with your configure.php file. You have a typo or something in your code somewhere. Did you edit the includes/languages/english/index.php file by chance? Also, when you create links are using the tep_href_link function to build the link or hardcoding them?

 

Can you post your includes/languages/english/index.php file?

 

Hi there

 

This is the includes/languages/english/index.php file I'm not sure what you mean by building the link or hardcoding them to be honest.... (Sorry, I'm not that familiar with this)...

 

Hope this helps, and thanks for your assistance.... :)

 

 

 

<?php

/*

$Id: index.php,v 1.1 2003/06/11 17:38:00 hpdl Exp $

 

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2003 osCommerce

 

Released under the GNU General Public License

*/

 

define('TEXT_MAIN', '<strong><h1>Welcome to Slotbox</h1></strong><p> Our slot car store is now active and we are aiming to offer the most comprehensive range of slot cars, and slot car accessories available in the UK, together with great no nonsense service!<p>

 

Slotbox is an online store for your cars, spares, accessories and upgrades. It’s not a question of whether you are a collector, a club racer or a budding Fernando Alonso. Our job is to help everyone, and to offer the best advice possible.<p>

 

Over the next few weeks new products will continue to be added, so please bear with us whilst these updates are taking place, and of course if you don’t see what you are looking for, please don’t hesitate to contact us. <strong>At this present time, payment can be made via Paypal, cheque or postal order. Credit card payments can be taken via phone if you prefer, please contact us on 07886 074 360 for this method of payment or for any other enquiries.</strong><p>

 

<strong><h2>We hope you enjoy shopping with Slotbox.</h2></strong>

');

 

define('TABLE_HEADING_NEW_PRODUCTS', 'New Products For %s');

define('TABLE_HEADING_UPCOMING_PRODUCTS', 'Upcoming Products');

define('TABLE_HEADING_DATE_EXPECTED', 'Date Expected');

 

if ( ($category_depth == 'products') || (isset($HTTP_GET_VARS['manufacturers_id'])) ) {

define('HEADING_TITLE', ' ');

define('TABLE_HEADING_IMAGE', '');

define('TABLE_HEADING_MODEL', 'Model');

define('TABLE_HEADING_PRODUCTS', 'Product Name');

define('TABLE_HEADING_MANUFACTURER', 'Manufacturer');

define('TABLE_HEADING_QUANTITY', 'Quantity');

define('TABLE_HEADING_PRICE', 'Price');

define('TABLE_HEADING_WEIGHT', 'Weight');

define('TABLE_HEADING_BUY_NOW', 'Buy Now');

define('TEXT_NO_PRODUCTS', 'There are no products to list in this category.');

define('TEXT_NO_PRODUCTS2', 'There is no product available from this manufacturer.');

define('TEXT_NUMBER_OF_PRODUCTS', 'Number of Products: ');

define('TEXT_SHOW', '<b>Show:</b>');

define('TEXT_BUY', 'Buy 1 \'');

define('TEXT_NOW', '\' now');

define('TEXT_ALL_CATEGORIES', 'All Categories');

define('TEXT_ALL_MANUFACTURERS', 'All Manufacturers');

} elseif ($category_depth == 'top') {

define('HEADING_TITLE', 'Welcome to www.slotbox.co.uk');

} elseif ($category_depth == 'nested') {

define('HEADING_TITLE', 'Categories');

}

?>

Posted

Sorry I had a typo in my previous post. I didn't need that file. I was thinking something else.

 

And you are positive you are using the configure.php file you posted above as your includes/configure.php file? Somewhere there is a typo that is appending something. I can tell it is a typo because the link is trying to go to:

 

http://www.slotbox.co.uk/https//www.slotbox.co.uk/login.php

 

So even the HTTPS portion is incorrect as it is missing the : after the HTTPS and before the //. But it is right in your configure.php file that you posted.

Posted
And you are positive you are using the configure.php file you posted above as your includes/configure.php file?

 

Yes, I can re-load just to be certain :)

Posted
Somewhere there is a typo that is appending something. I can tell it is a typo because the link is trying to go to:

 

 

I think I've found it, and I think it is a typo.... :-"

 

And I think what has now been loaded is right... when you log in, it logs in under https: and then returns to the catalogue under http:

 

The checkout then goes to https: as well..... and the processed order remains in https:

 

Can't believe you've finally managed to sort this for me!!!!

 

Thank you so much :) :) :) :) :)

Posted
Where was the typo if you don't mind me asking?

 

In the https: address in the config file, I guess sometimes you look at it for so long, it just doesn't register sometimes :blush:

 

However, I had never gotten this close to making the darn thing work before, so I am really so chuffed now :)

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...