Electronjunkie Posted September 2, 2008 Share Posted September 2, 2008 SME Server 7.3 - OSCommerce Install Instructions Download and Install SME Server 7.3 Log into http://<server-ip>/server-manager'>http://<server-ip>/server-manager and configure your server to your required specifications. Before OsCommerce Installation Run these commands on SME Server : (this allows register globals to be on for various contribs that you may find with OsCommerce as well as all checkmarks green during the OsCommerce installation.) /sbin/e-smith/db accounts setprop Primary AllowOverride All /sbin/e-smith/signal-event ibay-modify Primary Alter your .htaccess in the main OsComm catalog directory. uncomment php_value session.use_trans_sid 0 uncomment php_value register_globals 1 Download and install PHPMyAdmin: yum localinstall ./smeserver-phpmyadmin-2.11.1.2-0.dmay.noarch.rpm Install OsCommerce (follow OsCommerce provided installation instructions) Copy all files in catalog to /home/e-smith/files/ibays/Primary/html/ Create your MySQL database: (I do this via command line. I find it easier.) mysql_setpermission option 2 option 7 Run OsCommerce installation http://<server-ip>/ ________________________________________________________________________________ _________________________________________________________ Set up SSL Certificates 1. Make the CSR Code: openssl req -new -nodes -keyout newserver.key -out newserver.csr Country Name (2 letter code) [AU]: CA State or Province Name (full name) [some-State]: British Columbia Locality Name (eg, city) []: Surrey Organization Name (eg, company) [internet Widgits Pty Ltd]: MyCompany Ltd Organizational Unit Name (eg, section) []: Common Name (eg, YOUR name) []: www.yourdomain.com Email Address []: [email protected] A challenge password []: An optional company name []: NOTE: (Updated Sept 8th)The Common Name that you enter can't contain an asterisk eg *.yourdomain.com unless you are buying a 'Wildcard' certificate (much more expensive). I am using osCommerce software that forces people to use 'www.' but if your site doesn't do that, you may want both https://yourdomain.com and https://www.yourdomain.com to work, or if you need https://something.yourdomain.com to work then you need a 'Wildcard' SSL certificate. 2. Submit the CSR to godaddy.com Code: pico newserver.csr (and select and paste the whole thing into the form on their website) 3. After you get an email back with your certificate and another file called gd_intermediate_bundle.crt *** Backup the files you change if you want to *** a. Copy the text from the certificate you just got into: /etc/httpd/conf/ssl.crt/server.crt and /home/e-smith/ssl.crt/<your.server>.com.crt (double check what your file is named) b. Copy the newserver.key file to replace the old server.key Code: cp newserver.key /etc/httpd/conf/ssl.key/server.key cp newserver.key /home/e-smith/ssl.key/<your.server>.com.key (double check what your file is named) 4. The chained SSL part: Copy the gd_intermediate_bundle.crt file you got by email (the chained ssl certificate) to /etc/httpd/conf/ Code: cp gd_intermediate_bundle.crt /etc/httpd/conf/ Code: mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf pico /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/35SSL10SSLD Add in a this single line of text to that file: Quote SSLCACertificateFile /etc/httpd/conf/gd_intermediate_bundle.crt 5. Security / Restarting (Updated Sept 8th)Ownership/Security of the crt and key files Code: chown root.root /etc/httpd/conf/ssl.key/server.key; chown root.root /etc/httpd/conf/ssl.crt/server.crt; chown root.root /home/e-smith/ssl.key/<your.server>.com.key; chown root.root /home/e-smith/ssl.crt/<your.server>.com.crt; chown root.root /etc/httpd/conf/gd_intermediate_bundle.crt; chmod 400 /etc/httpd/conf/ssl.key/server.key; chmod 644 /etc/httpd/conf/ssl.crt/server.crt; chmod 400 /home/e-smith/ssl.key/<your.server>.com.key; chmod 644 /home/e-smith/ssl.crt/<your.server>.com.crt; chmod 644 /etc/httpd/conf/gd_intermediate_bundle.crt; /sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf; /etc/init.d/httpd-e-smith restart; service httpd-admin restart; /sbin/e-smith/config setprop modSSL crt /home/e-smith/ssl.crt/<your.server>.com.crt; /sbin/e-smith/config setprop modSSL key /home/e-smith/ssl.key/<your.server>.com.key; /sbin/e-smith/config setprop modSSL CertificateChainFile /etc/httpd/conf/gd_intermediate_bundle.crt; /sbin/e-smith/signal-event console-save; /sbin/e-smith/signal-event post-upgrade; /sbin/e-smith/signal-event reboot; 6. Alter your config files. All you need to do now is to alter your configure.php files. They're located in (path to catalog)/includes/configure.php, and (path to catalog)/admin/includes/configure.php. OSC is designed to protect the pages that require data encryption, and altering your config files will do this for you. These pages include login, create_account, checkout, etc,. and any other pages that require data-input by the end-user. 7. In includes/configure.php, set the SSL to "true"; it should look something like this near the top, if you assigned the SSL to www.yoursite.com: define('HTTP_SERVER', 'http://www.yoursite.com'); define('HTTPS_SERVER', 'https://www.yoursite.com'); define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', '.yoursite.com'); define('HTTPS_COOKIE_DOMAIN', '.yoursite.com'); 8. In admin/includes/configure.php, set the SSL to "true" and add an "s" after all the http's. So it'll look something like this, if assigned to www.yoursite.com: define('HTTP_SERVER', 'https://www.yoursite.com/'); define('HTTP_CATALOG_SERVER', 'https://www.yoursite.com/'); define('HTTPS_CATALOG_SERVER', 'https://www.yoursite.com/'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module 9. Save and upload your configure.php files to their appropriate directories, perhaps using your FTP tool, or other upload tool of choice, and your SSL should be running smoothly and efficiently. I hope this helps and if there are any suggestions to comments to my methods they are greatly welcome. Please forgive any typos, I have proof read these instructions a few times and I dont belive there are any but no one is is Seven of Nine (HOT HOT HOT !!!) I dont not take credit for all of this post as I have borrowed various post clips to make this work the way I need it to, I want to thank all of you for your great efforts in providing an excellent forums. I couldent have done it without you !!!!! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.