Shared SSL Configuration problem

[macsnjets]

I've searched and cant find the answer. I have shared ssl with my hosting company on the same server however they tell me to load the pages to a different directory. My regular http pages are in /export/web21/omega/steves/www and they say to load secure pages into /export/web21/omega/steves/ssl. Where do I go from here?

Thanks

[macsnjets]

anybody? I tried uploading the entire catalog to the secure directory and some pages work, some don't.

[mthierfelder]

I have the same setup as steve. My company did me the favour of copying my entire cart to the shared SSL server for me so I didn't have to. I believe it is necessary on some SSL servers to upload your site, both to the shared SSL and to the non-SSL to make it work. You must also give reference in the config.php file to your SSL server. :idea:

 

my SSL is at http://secure.cclhosting.com/~icecold/

my NONSSL is at http://www.coolercoolers.com/

 

I have recently had problems with an image that I updated on my server not showing up on the SSL server because it used a relative link. ie: the image tag would be <img src="/catalog/images/cclogos.gif">. I put this in the footer so it would show up on every page, but it doesnt' show up on the SSL server because it would look here for the image: http://secure.cclhosting.com/catalog/image...s/cclogos.gif". I'm working with my hosting company to resolve this issue, seems like my root should be set to hang off the ~icecold directory, not the SSL root. Oh well, hope that helps neway.

 

Mike

[macsnjets]

Well thats how my site is working now but if I don't upload a new image to both the http and the https, it won't show in the https files. Would using a symbolic link be the way to go and would I want the https to link to the http or vice versa?

[Huy]

I am in the same boat as macsnjets and mthierfelder in which I have a seperate directory for my shared SSL stuff.

 

So now, do you guys have to keep two copies of your catalog, one for the nonSSL, and one for SSL? Sounds like this is going to be a hassle...

 

Also, does the entire site need to be uploaded, or just the contents of the /catalog directory?

[mthierfelder]

I'm not sure if you'd have to upload both the /admin and the /catalog to get it to work. It would seem that you might not need to since the /admin operates entirely without an SSL connection, but I'm no pro so I can't say either way.

 

That's also an interesting idea that macsnjets had to create a symbolic link for the images that need to show up both in the HTTP and the HTTPS. I remember I did this with an 'about us' button I added to the header, good thing you guys are thinking; I totally missed that.

 

<?php echo '<img src="'tep_image(DIR_WS_IMAGES . 'your_image_name.gif', YOUR_ALT_TAG) . '";

?>

 

Note: You'd have to define the YOUR_ALT_TAG as a global variable in /catalog/includes/languages/english.php if you wanted to have the alt tag functioning (something I'm sure any self-respecting coder would do, in aid to the visually challenged visitors out there).

[macsnjets]

I got a response from my hosting company and they tell me they can't create a symbolic link. The server is running FreeBSD 4.2 so is this guy being honest or is it not possible or is he just lazy. I really don't know anything about unix, symbolic links and freebsd.

[mthierfelder]

I don't know much about that OS, but it sounds like that guys is just lazy and is giving you some Free BS. If it can run PHP4 then it should be able to handle a symbolic link.

[Guest]

I'm also on shared ssl and have it working properly. the question is ... during the secure session, is there are way to MASK the actual url from being shown.

 

example: NOW it reads:

https://secure.server.com/~user/store/catalog/checkout.php?osCsid=1234567890asbdcdefg

 

I want it to just read:

https://store.domain.com

(and maybe the sid ...or whatever).

 

...and no, oscdox does not provide that answer.

[Guest]

I'm also on shared ssl and have it working properly. the question is ... during the secure session, is there are way to MASK the actual url from being shown.

 

example: NOW it reads:

https://secure.server.com/~user/store/catalog/checkout.php?osCsid=1234567890asbdcdefg

 

I want it to just read:

https://store.domain.com

(and maybe the sid ...or whatever).

 

...and no, oscdox does not provide that answer.

 

*cough*hmm...* ...anyone?? :cry:

[Ramesh]

I've made a posting about this .

 

Basically the beauty of OSC is its ease of use esp. the ADMIN.

 

You shouldnt have to update two catalogs , but this is what everyone using shared SSL seems to be doing.

 

Have a look at the pair networks website (there banner should be on this pag top right) where they discuss SSL and certificates in detail.

 

Customers are always looking for secure safe sites.

Pair offer a certificate at a great price. Shared SSL is fine for securing your control panel , but for sales it just doesnt cut the mustard.

 

more details by me here ->

 

http://www.oscommerce.com/forums/viewtopic.php?t=32906

[mthierfelder]

I have a shared SSL server that runs OSCommerce just dandee. There is an issue with modifying links, or images however. Basically you have to add symobolic links for whatever you are modifying.

 

Example:

 

<php?

echo "<a href=" . tep_href_link('FILENAME','filename.php') . ">Click Here</a>";

?>

 

Very crude, but you get the idea... same goes for images. Reason being that if you just create a relative link, it may work fine on your domain, but the filestructure will be entirely different once you transfer to the SSL server.

 

-Mike

[mindsetdesigns]

okay all these post has ANYONE gotten osC to work correctly on a shared SSL server?? I mean update from one screen not 2 directories??

 

My server has folders:

 

>>http

>>https

 

my admin and catalogue are in http

 

so what should I do just reinstall into the https folder and secure the whole site? or what goes into https and wait why have to split pages of a program up???...oh my god i've gone cross eyed over ssl......

 

 

help

[mthierfelder]

No, uncross your eyes. OSC makes it much more simple than you may think. Just be sure to configure the HTTP and the HTTPS servers in the /catalog/includes/configure.php and OSC will handle all the rest.

 

// * DIR_WS_* = Webserver directories (virtual/URL)

 define('HTTP_SERVER', 'http://www.coolercoolers.com'); // eg, http://localhost - should not be NULL for productive servers



 define('HTTPS_SERVER', 'https://secure.cclhosting.com/~icecold'); // eg, https://localhost - should not be NULL for productive servers



 define('ENABLE_SSL', true); // secure webserver for checkout procedure?

 

These three definitions should be all you need to worry about. This is my configuration and as you can see I am on a shared SSL host and works just dandee. :wink:

[macsnjets]

I'm configured basically the same however when a secure page loads a product image it cant find it because when the new products are uploaded, the image only loads to the nonsecure image folder. Read my first few posts here where I descibe how my www and ssl directories are set up. There has to be a way around this. I'm ready to switch hosting companies.

[ryans1000]

mthierfelder, I looked at your site. When you add products through the admin page (looks like your admin is on the SSL server) do you have to than manually copy them over to the WWW images folder.

[mthierfelder]

no, it does not require that.

[alex B]

I am having the same problem. What interesting is I have not copied images to secure server folder in admin, and the working fine in catalog when it switches to secure server. I guess the question is why images being displayed just fine in secured catalog, yet not in secured admin?

[sinkers]

*cough*hmm...* ...anyone??  :cry:

<{POST_SNAPBACK}>

 

 

I just wondered if you ever received a solution to the masking of URL's when using a shared SSL?

[Guest]

I just wondered if you ever received a solution to the masking of URL's when using  a shared SSL?

<{POST_SNAPBACK}>

 

At one point in time I read something about changing the URL.

It dealt more with hidding the variables, etc. but might work for you.

 

As for the SSL being seperate. I to am configure this way and have not got much help with what should be in one vs the other and a direct copy hasn't yet worked.

Though user errors might have something to do with this.

Currently if I set SSL to false things work better but turn it on an nope.

 

If indeed it's a direct copy perhaps a permissions issue?

For those who fixed it I would love some help!

[Guest]

there is no way to mask the url just for the shared ssl side, better off to just live with the fact someone else's domain pops up when using ssl (most people could care less) or get a static ip and an ssl

[dompazz]

I have this problem as well and have got by with copying all the files to the ssl directory. Unfortunately I do not have a SSH or Telnet login to the server, so I am forced to ftp the files back to my computer and then upload back to the SSL directory.

 

Has anyone considered making a utility to copy the entire catalog directory structure to another location? It would make our (those of us that have to deal with this) lives easier.

[AlanR]

I have this problem as well and have got by with copying all the files to the ssl directory.  Unfortunately I do not have a SSH or Telnet login to the server, so I am forced to ftp the files back to my computer and then upload back to the SSL directory.

 

Has anyone considered making a utility to copy the entire catalog directory structure to another location?  It would make our (those of us that have to deal with this) lives easier.

<{POST_SNAPBACK}>

 

Ask your host set up a symlink or get them to make an hppd adjustment.

 

Lots of server admins will be happy to let you have hours and hours of extra work so they can avoid a 5 minute task. They can fix this.

[Guest]

or, change hosts!~ hosts do this now a days to charge you for storage space used, or get u to bump up your account

[jlilley]

No, uncross your eyes. OSC makes it much more simple than you may think. Just be sure to configure the HTTP and the HTTPS servers in the /catalog/includes/configure.php and OSC will handle all the rest.

// * DIR_WS_* = Webserver directories (virtual/URL)

 define('HTTP_SERVER', 'http://www.coolercoolers.com'); // eg, http://localhost - should not be NULL for productive servers
 define('HTTPS_SERVER', 'https://secure.cclhosting.com/~icecold'); // eg, https://localhost - should not be NULL for productive servers
 define('ENABLE_SSL', true); // secure webserver for checkout procedure?

These three definitions should be all you need to worry about. This is my configuration and as you can see I am on a shared SSL host and works just dandee. :wink:

 

I don't have /catalog/includes/configure.php. I am running osCommerce version 2.2. So is there another file I need to fix to get the checkout portion running on SSL?