mkoche Posted April 2, 2008 Posted April 2, 2008 Hi: I am hoping that I can get the help I need to overcome some of the problems I am having in getting OsCommerce to recognize that I have an ssl certificate and to use it. I have been reading the forum topics for a few weeks but have not been successful. I recently returned OsCommerce to its default installation in trying to backtrack to the source of the problem. I would say that I have three issues: 1. OsCommerce does not use https during checkout. 2. If I force it using an https url address the padlock shows unsecure content. 3. Every time I change the config files OsCommerce forces a new installation. 1. OsCommerce does not use https during checkout (or admin unless I force it) Here are my configuration files: ...admin/includes/configure.php define('HTTP_SERVER', 'https://footopia.us'); // eg, http://localhost or - https://localhost should not be NULL for productive servers define('HTTP_CATALOG_SERVER', 'https://www.footopia.us'); define('HTTPS_CATALOG_SERVER', 'https://www.footopia.us'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT); // where your pages are located on the server. ....includes/configure.php define('HTTP_SERVER', 'http://www.footopia.us'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://www.footopia.us'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'www.footopia.us'); define('HTTPS_COOKIE_DOMAIN', 'footopia.us'); define('HTTP_COOKIE_PATH', '/catalog'); define('HTTPS_COOKIE_PATH', '/catalog'); define('DIR_WS_HTTP_CATALOG', '/catalog'); define('DIR_WS_HTTPS_CATALOG', '/catalog');
mkoche Posted April 2, 2008 Author Posted April 2, 2008 (This is the end of my post...) I am using an ssl cert on godaddy.com, which hosts the account. I have followed the directions and even tried most of the suggestions I could find on the forum. I set my certificate with the www extension but adding it in or taking it out seems to make no difference. 2. If I force it using an https url address the padlock shows unsecure content. An example here: Secure checkout link Admin comes out secure if i access it with htpps: Admin secure link I purposely went back to the installation in case (I had made quite a few changes). The source code when I view the page does contain quite a few full references to the site for images but these are all coming from the OsCommerce code. 3. Every time I change the config files OsCommerce forces a new installation. Is this related to permissions???? I haven't found that anyone else has this problem. Hope someone can help! I have wasted so much time on this. Cheers, Scott
germ Posted April 2, 2008 Posted April 2, 2008 Make the myenv.php file described in this post: Click me Upload it into your /catalog folder. Access it with this link: https://www.footopia.us/catalog/myenv.php Copy/paste what it outputs to your browser into your next post. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
mkoche Posted April 2, 2008 Author Posted April 2, 2008 Make the myenv.php file described in this post: Click me Upload it into your /catalog folder. Access it with this link: https://www.footopia.us/catalog/myenv.php Copy/paste what it outputs to your browser into your next post. HTTP HOST: footopia.us Server Port: 80 SSL Status: Fowarded Server: Fowarded Host: Fowarded By: Did this yesterday and the server port 480, I think.
germ Posted April 2, 2008 Posted April 2, 2008 Well, that was an exercise in futility. <_< The problem is this in your source code of your "secure" catalog page: <base href="http://www.footopia.us/catalog/"> It should be: <base href="https://www.footopia.us/catalog/"> The problem is because of this code in /catalog/includes/application_top.php // set the type of request (secure or not) $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL'; The environment variable it is looking for isn't set in your environment. In order for me to help any further, I'll need to send you a PM with the source code for another PHP file for you to upload to your site, and let me access it with my browser. If you're willing to do that, I'll PM it to you. Let me know. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
♥Vger Posted April 2, 2008 Posted April 2, 2008 define('HTTP_COOKIE_DOMAIN', 'www.footopia.us'); define('HTTPS_COOKIE_DOMAIN', 'www.footopia.us'); define('HTTP_COOKIE_PATH', '/catalog/'); define('HTTPS_COOKIE_PATH', '/catalog/'); define('DIR_WS_HTTP_CATALOG', '/catalog/'); define('DIR_WS_HTTPS_CATALOG', '/catalog/'); And I think you'll also need to edit application_top.php, as the https port isn't being picked up at all. Look for posts about "1and1 ssl" on this forum and you should find the answer. Vger
germ Posted April 2, 2008 Posted April 2, 2008 Thanks, Ma'am. :) If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
germ Posted April 2, 2008 Posted April 2, 2008 Let's try Miss Anthony's suggestion first. In /catalog/includes/application_top.php Find this line: $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL'; Alter it to this: $request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL'; It would be a good idea to backup the file first. Let me know if this fixes the problem. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
germ Posted April 2, 2008 Posted April 2, 2008 Or if you prefer a link to the contribution: Click Me If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
Guest Posted April 2, 2008 Posted April 2, 2008 looks like you are also losing it with the cookie, as you have the http cookie domain at www.footopia.com however you have the https cookie domain at footopia.com they should both match
germ Posted April 2, 2008 Posted April 2, 2008 Thnx. ;) I haven't looked over the config file much yet. Just trying to get SSL to kick in. :lol: If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
mkoche Posted April 2, 2008 Author Posted April 2, 2008 Let's try Miss Anthony's suggestion first. In /catalog/includes/application_top.php Find this line: $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL'; Alter it to this: $request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL'; It would be a good idea to backup the file first. Let me know if this fixes the problem. Tried this. No change that I could detect.
germ Posted April 2, 2008 Posted April 2, 2008 OK. Plan "B". One PM, coming up, hold the pickles... :blink: If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
mkoche Posted April 2, 2008 Author Posted April 2, 2008 looks like you are also losing it with the cookie, as you have the http cookie domain at www.footopia.com however you have the https cookie domain at footopia.comthey should both match Changed as per suggestion. Thanks. Problem still the same
germ Posted April 2, 2008 Posted April 2, 2008 Change the line in application_top to this: $request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL'; Post again when you have tried it with this modification. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
mkoche Posted April 2, 2008 Author Posted April 2, 2008 Gave it a try. Am still testing but I don't note any change. The link you posted earlier said to also change in admin/index.php but the line is not in there (it was in the other file...) Change the line in application_top to this: $request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL'; Post again when you have tried it with this modification.
mkoche Posted April 2, 2008 Author Posted April 2, 2008 Also does anyone have any idea why it forces a new installation when I change the configure files. It makes it very tedious to try to get them right????
germ Posted April 2, 2008 Posted April 2, 2008 I've never heard of that problem. :huh: What do you mean "forces a new install", exactly? :unsure: If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
mkoche Posted April 2, 2008 Author Posted April 2, 2008 When I change a configure file, I get the original install screen and I must re-input all the site data... this from any url that calls OsCommerce. I've never heard of that problem. :huh: What do you mean "forces a new install", exactly? :unsure:
germ Posted April 2, 2008 Posted April 2, 2008 After you get a successfull install, have you tried renaming the install folder? :unsure: osC doesn't "keep track" of changes to the configure files in the sense that if any are altered it shouldn't ask for a new install... Wierd... :blink: If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
mkoche Posted April 2, 2008 Author Posted April 2, 2008 Yes: If I change the name of the install directory I get an error called in application_top which basically says that it cannot find the install files. The (strlen)(DB_server) <1 condition is what seems to send it to the install file but I don't know why changing the configure files would change that. After you get a successfull install, have you tried renaming the install folder?:unsure: osC doesn't "keep track" of changes to the configure files in the sense that if any are altered it shouldn't ask for a new install... Wierd... :blink:
mkoche Posted April 2, 2008 Author Posted April 2, 2008 Well, I have seemed to stump everyone. If anything else comes to mind, let me know. I appreciate the help.
Guest Posted April 2, 2008 Posted April 2, 2008 i didnt read the whole thread, is your osC install from your server host or from a download?
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.