themilkman
Posted February 11, 2008

Was just speaking to my hosting company who I wish to obtain my certs from and wanted some more info. It is written in the osCommerce docs that an SSL cert will only protect the domain extension for which it is purchased. So for example if you bought one for www.mydomain.com this will not protect mydomain.com.

So my question is - is there a requirement to buy 2 SSL certs to ensure that people coming in from either route are protected or is there a workaround on this?

Thanks

What's the point of a signature?

germ
Posted February 11, 2008

"www.mydomain.com" and "mydomain.com" are the same set of files (on most installs), and only ONE SSL certificate is required.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.
"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me -

themilkman (Author)
Posted February 11, 2008

> "www.mydomain.com" and "mydomain.com" are the same set of files (on most installs), and only ONE SSL certificate is required.

Hi Jim - thanks. My hosting company said that protection is for only one entry route, so if the cert is set for www..... then if a user comes in from mydomain.com they are not protected. So even if both routes have the same files only one way will be protected.

So is the solution to somehow re-direct the mydomain to www.mydomain.com for sake of having only one SSL?

Thanks

What's the point of a signature?

Mav666
Posted February 11, 2008

You should only need one cert as the www. or lack thereof is set in the configure.php, which generates all the links accordingly - in other words after the click the first time, they will be in the correct one.

Even at a Mensa convention someone is the dumbest person in the room.

themilkman (Author)
Posted February 11, 2008

> You should only need one cert as the www. or lack thereof is set in the configure.php, which generates all the links accordingly - in other words after the click the first time, they will be in the correct one.

I see what you mean - so not every single page needs to be SSL protected but those areas that require this protection must have the correct domain pre-fix?

What's the point of a signature?

Mav666
Posted February 11, 2008

Well, that too - but if you enter your store at www.abc.com and the cert is for abc.com, provided you have your configure.php set up right, any link you click on that is secure will point to abc.com - what I'm saying is that the only way this would matter would be if the customer came in directly to an SSL protected page, which they should have no reason to do in the first place. Once you use the first osc created link, the www. or not is unified.

Even at a Mensa convention someone is the dumbest person in the room.

themilkman (Author)
Posted February 11, 2008

Thanks Mav - think I will purchase the SSL for the www.mydomain.com and then amend the config file if needed. My hosting company also suggested to make use of https as this will automatically pick up the SSL regardless of domain pre-fix - they say. Don't know if that will work.

What's the point of a signature?

Mav666
Posted February 11, 2008

Once you get the cert, just make sure you turn on SSL in the configure and set the secure variables to www. (in your case) accordingly, like this:

    define('HTTP_SERVER', 'http://www.bla.com');
    define('HTTPS_SERVER', 'https://www.bla.com');
    define('ENABLE_SSL', true);
    define('HTTP_COOKIE_DOMAIN', 'www.bla.com');
    define('HTTPS_COOKIE_DOMAIN', 'www.bla.com');
    define('HTTP_COOKIE_PATH', '/');
    define('HTTPS_COOKIE_PATH', '/');

Even at a Mensa convention someone is the dumbest person in the room.

themilkman (Author)
Posted February 11, 2008

Many Thanks Guys

What's the point of a signature?

Jack_mcs
Posted February 11, 2008

> Thanks Mav - think I will purchase the SSL for the www.mydomain.com and then amend the config file if needed. My hosting company also suggested to make use of https as this will automatically pick up the SSL regardless of domain pre-fix - they say. Don't know if that will work.

This is not correct. You can only purchase a certificate for one domain name and the domains with and without www are different. So if you buy a cert for www.mydomain.com, it will not work for mydomain.com, regardless of how you set up the configure files.

It doesn't matter which you choose, but you have to choose one and stick with that. So if you choose www, then always use that in any links you use to your site (setting up the configure files, exchanging links, etc.). You should then add code to your .htaccess file to redirect the non-www pages to the www pages to avoid a duplicate content situation. For further help on this, take a look here and here.

Jack

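The name check at issue in the post above, as an added example that is not part of the original thread: the certificate name lists and the functions `name_matches`, `cert_covers` and `first_request` are constructed for illustration, and the two-name and wildcard cases go beyond the single-name certificate discussed here. It models a browser comparing the host in the URL with the names in the certificate before any HTTP response, a redirect included, is read.

```python
# Added example: the certificate name lists below are constructed, not real certificates.
SINGLE = ["www.mydomain.com"]                  # the certificate discussed in the thread
BOTH = ["www.mydomain.com", "mydomain.com"]    # one certificate listing both names
WILDCARD = ["*.mydomain.com"]                  # wildcard for one label under the domain


def name_matches(pattern, host):
    """Compare one DNS name from a certificate with the requested host.

    A '*' is honoured only as the whole left-most label and stands for
    exactly one label, so '*.mydomain.com' does not match 'mydomain.com'.
    """
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and h[0] != "" and p[1:] == h[1:]
    return p == h


def cert_covers(cert_names, host):
    """True if any name in the certificate matches the host in the URL."""
    return any(name_matches(n, host) for n in cert_names)


def first_request(cert_names, scheme, host, canonical):
    """Outcome of the first request to scheme://host on a site that redirects
    every other host name to `canonical` (hypothetical model of the .htaccess rule)."""
    if scheme == "https" and not cert_covers(cert_names, host):
        # The TLS name check runs before the server can send a redirect.
        return "certificate warning"
    if host != canonical:
        return "redirect to " + canonical
    return "ok"


if __name__ == "__main__":
    for scheme, host in [("http", "mydomain.com"), ("https", "mydomain.com"),
                         ("https", "www.mydomain.com")]:
        print(scheme, host, "->", first_request(SINGLE, scheme, host, "www.mydomain.com"))
```

With the single-name certificate, plain http:// requests to the bare domain are redirected cleanly, while a direct https:// request to the bare domain fails the name check before the redirect can be delivered.
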
Mav666
Posted February 11, 2008

If the configure matches the cert, any click will direct you to the right prefix. So a second cert would be entirely useless.

Even at a Mensa convention someone is the dumbest person in the room.

themilkman (Author)
Posted February 11, 2008

Mav - I think Jack is saying to use htaccess instead of changing any config file to re-direct to the domain which has SSL protection, and your method is to re-direct upon click if in the wrong domain.

What's the point of a signature?

notubes_pete
Posted February 11, 2008

I just have one for mysite.com, then if they use www that's fine, but once they click any link it will switch them to mysite.com and they don't switch to https:// until they log in.

Archived
This topic is now archived and is closed to further replies.