Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SSL Configuration Problem


mkoche

Recommended Posts

Hi:

 

I am hoping that I can get the help I need to overcome some of the problems I am having in getting OsCommerce to recognize that I have an ssl certificate and to use it. I have been reading the forum topics for a few weeks but have not been successful. I recently returned OsCommerce to its default installation in trying to backtrack to the source of the problem. I would say that I have three issues:

 

1. OsCommerce does not use https during checkout.

2. If I force it using an https url address the padlock shows unsecure content.

3. Every time I change the config files OsCommerce forces a new installation.

 

1. OsCommerce does not use https during checkout (or admin unless I force it)

 

Here are my configuration files:

 

...admin/includes/configure.php

 

define('HTTP_SERVER', 'https://footopia.us'); // eg, http://localhost or - https://localhost should not be NULL for productive servers

define('HTTP_CATALOG_SERVER', 'https://www.footopia.us');

define('HTTPS_CATALOG_SERVER', 'https://www.footopia.us');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT); // where your pages are located on the server.

 

....includes/configure.php

 

define('HTTP_SERVER', 'http://www.footopia.us'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.footopia.us'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.footopia.us');

define('HTTPS_COOKIE_DOMAIN', 'footopia.us');

define('HTTP_COOKIE_PATH', '/catalog');

define('HTTPS_COOKIE_PATH', '/catalog');

define('DIR_WS_HTTP_CATALOG', '/catalog');

define('DIR_WS_HTTPS_CATALOG', '/catalog');

Link to comment
Share on other sites

(This is the end of my post...)

 

I am using an ssl cert on godaddy.com, which hosts the account. I have followed the directions and even tried most of the suggestions I could find on the forum. I set my certificate with the www extension but adding it in or taking it out seems to make no difference.

 

2. If I force it using an https url address the padlock shows unsecure content.

 

An example here: Secure checkout link

 

Admin comes out secure if i access it with htpps: Admin secure link

 

I purposely went back to the installation in case (I had made quite a few changes). The source code when I view the page does contain quite a few full references to the site for images but these are all coming from the OsCommerce code.

 

3. Every time I change the config files OsCommerce forces a new installation.

Is this related to permissions???? I haven't found that anyone else has this problem.

 

Hope someone can help! I have wasted so much time on this.

 

Cheers,

 

Scott

Link to comment
Share on other sites

Make the myenv.php file described in this post:

 

Click me

 

Upload it into your /catalog folder.

 

Access it with this link:

 

https://www.footopia.us/catalog/myenv.php

 

Copy/paste what it outputs to your browser into your next post.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Make the myenv.php file described in this post:

 

Click me

 

Upload it into your /catalog folder.

 

Access it with this link:

 

https://www.footopia.us/catalog/myenv.php

 

Copy/paste what it outputs to your browser into your next post.

 

HTTP HOST: footopia.us

Server Port: 80

SSL Status:

Fowarded Server:

Fowarded Host:

Fowarded By:

 

Did this yesterday and the server port 480, I think.

Link to comment
Share on other sites

Well, that was an exercise in futility.

<_<

 

The problem is this in your source code of your "secure" catalog page:

 

<base href="http://www.footopia.us/catalog/">

It should be:

 

<base href="https://www.footopia.us/catalog/">

The problem is because of this code in /catalog/includes/application_top.php

 

// set the type of request (secure or not)
 $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

The environment variable it is looking for isn't set in your environment.

 

In order for me to help any further, I'll need to send you a PM with the source code for another PHP file for you to upload to your site, and let me access it with my browser.

 

If you're willing to do that, I'll PM it to you.

 

Let me know.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

define('HTTP_COOKIE_DOMAIN', 'www.footopia.us');

define('HTTPS_COOKIE_DOMAIN', 'www.footopia.us');

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '/catalog/');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/catalog/');

 

And I think you'll also need to edit application_top.php, as the https port isn't being picked up at all. Look for posts about "1and1 ssl" on this forum and you should find the answer.

 

Vger

Link to comment
Share on other sites

Thanks, Ma'am.

:)

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Let's try Miss Anthony's suggestion first.

 

In /catalog/includes/application_top.php

 

Find this line:

 

 $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

Alter it to this:

 

 $request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL';

It would be a good idea to backup the file first.

 

Let me know if this fixes the problem.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Or if you prefer a link to the contribution:

 

Click Me

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

looks like you are also losing it with the cookie, as you have the http cookie domain at www.footopia.com however you have the https cookie domain at footopia.com

they should both match

Link to comment
Share on other sites

Thnx.

;)

 

I haven't looked over the config file much yet.

 

Just trying to get SSL to kick in.

:lol:

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Let's try Miss Anthony's suggestion first.

 

In /catalog/includes/application_top.php

 

Find this line:

 

 $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

Alter it to this:

 

 $request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL';

It would be a good idea to backup the file first.

 

Let me know if this fixes the problem.

 

Tried this. No change that I could detect.

Link to comment
Share on other sites

OK.

 

Plan "B".

 

One PM, coming up, hold the pickles...

:blink:

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

looks like you are also losing it with the cookie, as you have the http cookie domain at www.footopia.com however you have the https cookie domain at footopia.com

they should both match

 

Changed as per suggestion. Thanks. Problem still the same

Link to comment
Share on other sites

Change the line in application_top to this:

 

$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

Post again when you have tried it with this modification.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Gave it a try. Am still testing but I don't note any change. The link you posted earlier said to also change in admin/index.php but the line is not in there (it was in the other file...)

 

 

Change the line in application_top to this:

 

$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

Post again when you have tried it with this modification.

Link to comment
Share on other sites

I've never heard of that problem.

:huh:

 

What do you mean "forces a new install", exactly?

:unsure:

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

When I change a configure file, I get the original install screen and I must re-input all the site data... this from any url that calls OsCommerce.

 

I've never heard of that problem.

:huh:

 

What do you mean "forces a new install", exactly?

:unsure:

Link to comment
Share on other sites

After you get a successfull install, have you tried renaming the install folder?

:unsure:

 

osC doesn't "keep track" of changes to the configure files in the sense that if any are altered it shouldn't ask for a new install...

 

Wierd...

:blink:

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Yes: If I change the name of the install directory I get an error called in application_top which basically says that it cannot find the install files. The (strlen)(DB_server) <1 condition is what seems to send it to the install file but I don't know why changing the configure files would change that.

 

After you get a successfull install, have you tried renaming the install folder?

:unsure:

 

osC doesn't "keep track" of changes to the configure files in the sense that if any are altered it shouldn't ask for a new install...

 

Wierd...

:blink:

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...