No-idea Posted August 10, 2008 Share Posted August 10, 2008 Hello, I have paid and upgraded to have a dedicated ssl with my web hosting. The certificate is all completed I have the verify logo on my site which confirms this however when using all the parts of this site I don't seem to get a padlock appear anywhere. How do I know if its working or if I'm entering a secured page? I don't know if the problem is because I'm using safari? Thanx for any info with this!! No-Idea Link to comment Share on other sites More sharing options...
germ Posted August 10, 2008 Share Posted August 10, 2008 Have you altered your configure file? :unsure: How to install SSL on OSC: A Simple 1-2-3 Instruction, Simple, straighforward instructions Follow the link above. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
No-idea Posted August 10, 2008 Author Share Posted August 10, 2008 Thanx for the reply :) I had changed the includes one but not the admin. Would that have made a difference? Should I use www. before the address on the https? Thanx again!! Link to comment Share on other sites More sharing options...
germ Posted August 10, 2008 Share Posted August 10, 2008 The admin doesn't affect the catalog. I can't definitively answer the "www" question without a link to your site. If the cert. was issued to the domain name with the "www." then yes you need it. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
No-idea Posted August 10, 2008 Author Share Posted August 10, 2008 The admin doesn't affect the catalog. I can't definitively answer the "www" question without a link to your site. If the cert. was issued to the domain name with the "www." then yes you need it. Thank you again for the reply :) I just added it onto my account with 1and1. I have a feeling it should have the www. in front. How would I know then if its working other than the padlock? Is there any other way to tell? I will change the configures to see if that makes any difference :) Link to comment Share on other sites More sharing options...
germ Posted August 10, 2008 Share Posted August 10, 2008 How would I know then if its working other than the padlock? Is there any other way to tell? Go to the site using IE or Firefox. The padlock should appear on "secure" pages. If you PM me your URL or post it I can help. If not, you're on your own. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
germ Posted August 10, 2008 Share Posted August 10, 2008 Usually, with 1and1 Hosting you have to find this code in your /catalog/includes/application_top.php // set the type of request (secure or not) $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL'; And change it to: // set the type of request (secure or not), modified for 1and1 hosting $request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL'; If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
No-idea Posted August 10, 2008 Author Share Posted August 10, 2008 Usually, with 1and1 Hosting you have to find this code in your /catalog/includes/application_top.php // set the type of request (secure or not) $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL'; And change it to: // set the type of request (secure or not), modified for 1and1 hosting $request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL'; Thanx for that I have now changed that too but I can't seem to get a padlock anywhere. I have pmed you my address. Any other ideas? Link to comment Share on other sites More sharing options...
germ Posted August 10, 2008 Share Posted August 10, 2008 Look for this file: /shop/includes/local/configure.php (NOTE the /local in the path above!) Be sure it contains the right data for your HTTP_SERVER and HTTPS_SERVER if it exists (it may not and that's OK). It also may contain a line like this: define('ENABLE_SSL', 0); If so, change it to this: define('ENABLE_SSL', 1); If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
No-idea Posted August 10, 2008 Author Share Posted August 10, 2008 Look for this file: /shop/includes/local/configure.php (NOTE the /local in the path above!) Be sure it contains the right data for your HTTP_SERVER and HTTPS_SERVER if it exists (it may not and that's OK). It also may contain a line like this: define('ENABLE_SSL', 0); If so, change it to this: define('ENABLE_SSL', 1); Theres no file in there apart from readme? Should I copy the configure file into there? Link to comment Share on other sites More sharing options...
No-idea Posted August 10, 2008 Author Share Posted August 10, 2008 Just as an update I've dropped the configure file in thats in the includes section and I now get a padlock on the customer login side which is great news but I don't get anything for my admin section? Is it ok to copy that entire file into there? Thank you again you have been a great help!!!! Link to comment Share on other sites More sharing options...
germ Posted August 10, 2008 Share Posted August 10, 2008 No. PM me what you have in your /shop/includes/configure.php file for these lines: define('HTTP_SERVER', ''); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', ''); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', ); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', ''); define('HTTPS_COOKIE_DOMAIN', ''); define('HTTP_COOKIE_PATH', ''); define('HTTPS_COOKIE_PATH', ''); I don't want or need the entire file, just what you have for those seven lines. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
germ Posted August 10, 2008 Share Posted August 10, 2008 Forget my last post. You have it solved now. If you want the Admin to be secure you have to access it with a https URL. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
No-idea Posted August 10, 2008 Author Share Posted August 10, 2008 Forget my last post. You have it solved now. If you want the Admin to be secure you have to access it with a https URL. So I'm ok copying the entire file then? If I use the https I'm secure? Is there anyway to make it change to https automatically like it does with the other parts? Thank you :) Link to comment Share on other sites More sharing options...
germ Posted August 10, 2008 Share Posted August 10, 2008 No. It works, don't screw with it. You could make the admin always HTTPS with .htaccess, but I don't know how to do that. I did it another way, but I still have to make the first access with a HTTPS url, thereafter the code change I made keeps it that way. Before I tell you the code change (if you want it), tell me how you edit files on the site. Do you use the osC File Manager? :unsure: If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
No-idea Posted August 11, 2008 Author Share Posted August 11, 2008 No. It works, don't screw with it. You could make the admin always HTTPS with .htaccess, but I don't know how to do that. I did it another way, but I still have to make the first access with a HTTPS url, thereafter the code change I made keeps it that way. Before I tell you the code change (if you want it), tell me how you edit files on the site. Do you use the osC File Manager? :unsure: I normally download any .php files and edit them in code view in dreamweaver CS3. When I visit the admin area with https I have the padlock when I first login but it goes straight to http then is that correct? Thank you for the help! Link to comment Share on other sites More sharing options...
germ Posted August 11, 2008 Share Posted August 11, 2008 Here's what I did to make the Admin secure all the time. In /admin/includes/html_output.php find this code: //// // The HTML href link wrapper function function tep_href_link($page = '', $parameters = '', $connection = 'NONSSL') { if ($page == '') { die('</td></tr></table></td></tr></table><br><br><font color="#ff0000"><b>Error!</b></font><br><br><b>Unable to determine the page link!<br><br>Function used:<br><br>tep_href_link(\'' . $page . '\', \'' . $parameters . '\', \'' . $connection . '\')</b>'); } if ($connection == 'NONSSL') { $link = HTTP_SERVER . DIR_WS_ADMIN; Change it to: //// // The HTML href link wrapper function function tep_href_link($page = '', $parameters = '', $connection = 'NONSSL') { if ($page == '') { die('</td></tr></table></td></tr></table><br><br><font color="#ff0000"><b>Error!</b></font><br><br><b>Unable to determine the page link!<br><br>Function used:<br><br>tep_href_link(\'' . $page . '\', \'' . $parameters . '\', \'' . $connection . '\')</b>'); } if ($connection == 'NONSSL') { // $link = HTTP_SERVER . DIR_WS_ADMIN; $link = HTTPS_SERVER . DIR_WS_ADMIN; Use it or not. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
No-idea Posted August 14, 2008 Author Share Posted August 14, 2008 Here's what I did to make the Admin secure all the time. In /admin/includes/html_output.php find this code: //// // The HTML href link wrapper function function tep_href_link($page = '', $parameters = '', $connection = 'NONSSL') { if ($page == '') { die('</td></tr></table></td></tr></table><br><br><font color="#ff0000"><b>Error!</b></font><br><br><b>Unable to determine the page link!<br><br>Function used:<br><br>tep_href_link(\'' . $page . '\', \'' . $parameters . '\', \'' . $connection . '\')</b>'); } if ($connection == 'NONSSL') { $link = HTTP_SERVER . DIR_WS_ADMIN; Change it to: //// // The HTML href link wrapper function function tep_href_link($page = '', $parameters = '', $connection = 'NONSSL') { if ($page == '') { die('</td></tr></table></td></tr></table><br><br><font color="#ff0000"><b>Error!</b></font><br><br><b>Unable to determine the page link!<br><br>Function used:<br><br>tep_href_link(\'' . $page . '\', \'' . $parameters . '\', \'' . $connection . '\')</b>'); } if ($connection == 'NONSSL') { // $link = HTTP_SERVER . DIR_WS_ADMIN; $link = HTTPS_SERVER . DIR_WS_ADMIN; Use it or not. Sorry about the delay but I don't seem to have that file? Is that possible? Link to comment Share on other sites More sharing options...
No-idea Posted August 14, 2008 Author Share Posted August 14, 2008 I've found that file but when I make the change i get a 404 because in puts https_server into the address bar. Any ideas? Thanx! Link to comment Share on other sites More sharing options...
germ Posted August 14, 2008 Share Posted August 14, 2008 In my install it's defined in /admin/includes/local/configure.php for some reason, I didn't put it there. If you don't have it defined anywhere put it in your /admin/includes/configure.php something like this: define('HTTPS_SERVER', 'https://yourdomain.com'); I don't know what your domain name is, and I don't know if you need the "www." in there or not. Use the same definition for HTTPS_SERVER that you have in the /catalog/includes/configure.php If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
No-idea Posted August 15, 2008 Author Share Posted August 15, 2008 In my install it's defined in /admin/includes/local/configure.php for some reason, I didn't put it there. If you don't have it defined anywhere put it in your /admin/includes/configure.php something like this: define('HTTPS_SERVER', 'https://yourdomain.com'); I don't know what your domain name is, and I don't know if you need the "www." in there or not. Use the same definition for HTTPS_SERVER that you have in the /catalog/includes/configure.php That has worked!! Thank you once again you have been fantastic!!! I now have the SSL working perfectly!! Link to comment Share on other sites More sharing options...
Rosemh47 Posted August 15, 2008 Share Posted August 15, 2008 Where did you install your logo. I have the SSL working properly. It took my host a half day but they got it. Now I am left with installing the logo. I Would like to put it in my footer. Can you help me? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.