Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

I'm not getting a padlock anywhere even though I have a dedicated ssl?


No-idea

Recommended Posts

Hello,

 

I have paid and upgraded to have a dedicated ssl with my web hosting.

 

The certificate is all completed I have the verify logo on my site which confirms this however when using all the parts of this site I don't seem to get a padlock appear anywhere. How do I know if its working or if I'm entering a secured page?

 

I don't know if the problem is because I'm using safari?

 

Thanx for any info with this!!

 

No-Idea

Link to comment
Share on other sites

Have you altered your configure file?

:unsure:

 

How to install SSL on OSC: A Simple 1-2-3 Instruction, Simple, straighforward instructions

 

Follow the link above.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

The admin doesn't affect the catalog.

 

I can't definitively answer the "www" question without a link to your site.

 

If the cert. was issued to the domain name with the "www." then yes you need it.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

The admin doesn't affect the catalog.

 

I can't definitively answer the "www" question without a link to your site.

 

If the cert. was issued to the domain name with the "www." then yes you need it.

 

Thank you again for the reply :)

 

I just added it onto my account with 1and1. I have a feeling it should have the www. in front.

 

How would I know then if its working other than the padlock? Is there any other way to tell?

 

I will change the configures to see if that makes any difference :)

Link to comment
Share on other sites

How would I know then if its working other than the padlock? Is there any other way to tell?

Go to the site using IE or Firefox.

 

The padlock should appear on "secure" pages.

 

If you PM me your URL or post it I can help.

 

If not, you're on your own.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Usually, with 1and1 Hosting you have to find this code in your /catalog/includes/application_top.php

 

// set the type of request (secure or not)
 $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

And change it to:

 

// set the type of request (secure or not), modified for 1and1 hosting
 $request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL';

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Usually, with 1and1 Hosting you have to find this code in your /catalog/includes/application_top.php

 

// set the type of request (secure or not)
 $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

And change it to:

 

// set the type of request (secure or not), modified for 1and1 hosting
 $request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL';

 

 

Thanx for that I have now changed that too but I can't seem to get a padlock anywhere. I have pmed you my address.

 

Any other ideas?

Link to comment
Share on other sites

Look for this file:

 

/shop/includes/local/configure.php

 

(NOTE the /local in the path above!)

 

Be sure it contains the right data for your HTTP_SERVER and HTTPS_SERVER if it exists (it may not and that's OK).

 

It also may contain a line like this:

 

  define('ENABLE_SSL', 0);

If so, change it to this:

 

  define('ENABLE_SSL', 1);

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Look for this file:

 

/shop/includes/local/configure.php

 

(NOTE the /local in the path above!)

 

Be sure it contains the right data for your HTTP_SERVER and HTTPS_SERVER if it exists (it may not and that's OK).

 

It also may contain a line like this:

 

  define('ENABLE_SSL', 0);

If so, change it to this:

 

  define('ENABLE_SSL', 1);

 

Theres no file in there apart from readme? Should I copy the configure file into there?

Link to comment
Share on other sites

Just as an update I've dropped the configure file in thats in the includes section and I now get a padlock on the customer login side which is great news but I don't get anything for my admin section?

 

Is it ok to copy that entire file into there?

 

Thank you again you have been a great help!!!!

Link to comment
Share on other sites

No.

 

PM me what you have in your /shop/includes/configure.php file for these lines:

 

  define('HTTP_SERVER', ''); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', ''); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', ); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', '');
 define('HTTPS_COOKIE_DOMAIN', '');
 define('HTTP_COOKIE_PATH', '');
 define('HTTPS_COOKIE_PATH', '');

I don't want or need the entire file, just what you have for those seven lines.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Forget my last post.

 

You have it solved now.

 

If you want the Admin to be secure you have to access it with a https URL.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Forget my last post.

 

You have it solved now.

 

If you want the Admin to be secure you have to access it with a https URL.

 

So I'm ok copying the entire file then?

 

If I use the https I'm secure? Is there anyway to make it change to https automatically like it does with the other parts?

 

Thank you :)

Link to comment
Share on other sites

No.

 

It works, don't screw with it.

 

You could make the admin always HTTPS with .htaccess, but I don't know how to do that.

 

I did it another way, but I still have to make the first access with a HTTPS url, thereafter the code change I made keeps it that way.

 

Before I tell you the code change (if you want it), tell me how you edit files on the site.

 

Do you use the osC File Manager?

:unsure:

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

No.

 

It works, don't screw with it.

 

You could make the admin always HTTPS with .htaccess, but I don't know how to do that.

 

I did it another way, but I still have to make the first access with a HTTPS url, thereafter the code change I made keeps it that way.

 

Before I tell you the code change (if you want it), tell me how you edit files on the site.

 

Do you use the osC File Manager?

:unsure:

 

I normally download any .php files and edit them in code view in dreamweaver CS3. When I visit the admin area with https I have the padlock when I first login but it goes straight to http then is that correct?

 

Thank you for the help!

Link to comment
Share on other sites

Here's what I did to make the Admin secure all the time.

 

In /admin/includes/html_output.php find this code:

 

////
// The HTML href link wrapper function
 function tep_href_link($page = '', $parameters = '', $connection = 'NONSSL') {
if ($page == '') {
  die('</td></tr></table></td></tr></table><br><br><font color="#ff0000"><b>Error!</b></font><br><br><b>Unable to determine the page link!<br><br>Function used:<br><br>tep_href_link(\'' . $page . '\', \'' . $parameters . '\', \'' . $connection . '\')</b>');
}
if ($connection == 'NONSSL') {
  $link = HTTP_SERVER . DIR_WS_ADMIN;

Change it to:

 

////
// The HTML href link wrapper function
 function tep_href_link($page = '', $parameters = '', $connection = 'NONSSL') {
if ($page == '') {
  die('</td></tr></table></td></tr></table><br><br><font color="#ff0000"><b>Error!</b></font><br><br><b>Unable to determine the page link!<br><br>Function used:<br><br>tep_href_link(\'' . $page . '\', \'' . $parameters . '\', \'' . $connection . '\')</b>');
}
if ($connection == 'NONSSL') {
//	  $link = HTTP_SERVER . DIR_WS_ADMIN;
  $link = HTTPS_SERVER . DIR_WS_ADMIN;

Use it or not.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Here's what I did to make the Admin secure all the time.

 

In /admin/includes/html_output.php find this code:

 

////
// The HTML href link wrapper function
 function tep_href_link($page = '', $parameters = '', $connection = 'NONSSL') {
if ($page == '') {
  die('</td></tr></table></td></tr></table><br><br><font color="#ff0000"><b>Error!</b></font><br><br><b>Unable to determine the page link!<br><br>Function used:<br><br>tep_href_link(\'' . $page . '\', \'' . $parameters . '\', \'' . $connection . '\')</b>');
}
if ($connection == 'NONSSL') {
  $link = HTTP_SERVER . DIR_WS_ADMIN;

Change it to:

 

////
// The HTML href link wrapper function
 function tep_href_link($page = '', $parameters = '', $connection = 'NONSSL') {
if ($page == '') {
  die('</td></tr></table></td></tr></table><br><br><font color="#ff0000"><b>Error!</b></font><br><br><b>Unable to determine the page link!<br><br>Function used:<br><br>tep_href_link(\'' . $page . '\', \'' . $parameters . '\', \'' . $connection . '\')</b>');
}
if ($connection == 'NONSSL') {
//	  $link = HTTP_SERVER . DIR_WS_ADMIN;
  $link = HTTPS_SERVER . DIR_WS_ADMIN;

Use it or not.

 

Sorry about the delay but I don't seem to have that file? Is that possible?

Link to comment
Share on other sites

In my install it's defined in /admin/includes/local/configure.php for some reason, I didn't put it there.

 

If you don't have it defined anywhere put it in your /admin/includes/configure.php something like this:

 

  define('HTTPS_SERVER', 'https://yourdomain.com');

I don't know what your domain name is, and I don't know if you need the "www." in there or not.

 

Use the same definition for HTTPS_SERVER that you have in the /catalog/includes/configure.php

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

In my install it's defined in /admin/includes/local/configure.php for some reason, I didn't put it there.

 

If you don't have it defined anywhere put it in your /admin/includes/configure.php something like this:

 

  define('HTTPS_SERVER', 'https://yourdomain.com');

I don't know what your domain name is, and I don't know if you need the "www." in there or not.

 

Use the same definition for HTTPS_SERVER that you have in the /catalog/includes/configure.php

 

That has worked!! Thank you once again you have been fantastic!!! I now have the SSL working perfectly!!

Link to comment
Share on other sites

Where did you install your logo. I have the SSL working properly. It took my host a half day but they got it. Now I am left with installing the logo. I Would like to put it in my footer. Can you help me?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...