dewed Posted September 15, 2008 Share Posted September 15, 2008 I've spent the past day and a half trying various solutions found in the forum to try and get a shared SSL cert from 1and1 working. I've concluded it can NEVER work... Building on the helpful post, I created the famous myenv.php file and added to it. <?php require 'includes/configure.php'; echo 'HTTP HOST: ' . "$HTTP_HOST"; echo '<br>Server Port: ' . getenv('SERVER_PORT'); echo '<br>SSL Status: ' . getenv('HTTPS'); echo '<br>Fowarded Server: ' . getenv('HTTP_X_FORWARDED_SERVER'); echo '<br>Fowarded Host: ' . getenv('HTTP_X_FORWARDED_HOST'); echo '<br>Fowarded By: ' . getenv('HTTP_X_FORWARDED_BY'); ?><hr> <form name="test_form" action="<?php echo HTTPS_SERVER . $_SERVER['PHP_SELF']; ?>" method="post"> enter something <input type="text" name="data"> <br /> <input type=submit> </form> <?php if (empty($_POST['data'])){echo '<h2>No detectable submitted data</h2>';} ?> <hr><pre>POST ARRAY <?php print_r($_POST); ?> <br /><br /> <hr><pre>SERVER ARRAY <?php print_r($_SERVER); ?> </pre> No amount of coaxing (eg; tweaks to the configure.php file) results in the posted data being returned back to the form that submitted it.. results, any secured form fails since it never even sees the submitted data. No matter how I view this extended myenv.php, either https://ssl.perfora.net/domain.com/myenv.php (which simply redirects to http://domain.com/myenv.php) or directly http://domain.com/myenv.php the getenv() functions are all blank. Submitting the form to the same URL that the OSC secured form would use does not populate the $_POST array, and there is still nothing in any of the related enviroment variables to indicate the form was submitted, redirected.. etc. and to top it all off. I am now out of coffee and aspirin :huh: . Just call me Dewed ... Link to comment Share on other sites More sharing options...
dewed Posted September 15, 2008 Author Share Posted September 15, 2008 well.. if anyone is listening ... I'm now convinced 1and 1 has made some sort of clerical error .... Here's the full scenerio .. 2 sites, wholesale at http://www.wholesalectg.com/ this has a dedicated SSL cert and works and retail at http://www.cottagecomforts.biz/ this is using the shared SSL cert, and all secured forms never see the submitted data using HTTPS in the url to view a secured version of the shared SSL site eg; https://www.cottagecomforts.biz/ loads the wholesale site. The site's looks similar , but the wholesale site has the word "wholesale" in the title This url should also load the retail site .. and it does but its not encrypted via SSL https://ssl.perfora.net/cottagecomforts.biz No secured forms will work, since the forms post the info to https://ssl.perfora.net/cottagecomforts.biz which them redirects to a non secured page, losing the submitted data in the process. .... is that how they (1and1) actually expect it to work ? Just call me Dewed ... Link to comment Share on other sites More sharing options...
Guest Posted September 16, 2008 Share Posted September 16, 2008 try changing your configure.php to use https ://ssl.perfora.net/www.cottagecomforts.biz Link to comment Share on other sites More sharing options...
dewed Posted September 25, 2008 Author Share Posted September 25, 2008 try changing your configure.php to use https ://ssl.perfora.net/www.cottagecomforts.biz I'm pretty sure I had tried both with and without www ... but now, with no obvious changes otherwise, it suddenly works. For future 1and1 shared SSL victims, here is what I wound up with .. define('HTTP_SERVER', 'http://www.cottagecomforts.biz'); define('HTTPS_SERVER', 'https://ssl.perfora.net/www.cottagecomforts.biz'); define('ENABLE_SSL', true); define('HTTP_COOKIE_DOMAIN', 'www.cottagecomforts.biz'); define('HTTPS_COOKIE_DOMAIN', 'cottagecomforts.biz'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/'); define('DIR_WS_IMAGES', 'images/'); Just call me Dewed ... Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.