SSL Issue Need Help

[oscommercerules]

Hello All,

 

I have setup a Turbo SSL with Go Daddy for website http://www.bestdiscountcigarettes.com

SSL site https:/bestdiscountcigarettes.com

 

I havetried everything available to setup the SSL including below:

 

includes/configure.php

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://bestdiscountcigarettes.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://bestdiscountcigarettes.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.bestdiscountcigarettes.com');

define('HTTPS_COOKIE_DOMAIN', 'www.bestdiscountcigarettes.com');

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '/catalog/');

 

and below

 

admin/includes/configure.php

 

define('HTTP_SERVER', 'http://bestdiscountcigarettes.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTP_CATALOG_SERVER', 'http://bestdiscountcigarettes.com');

define('HTTPS_CATALOG_SERVER', 'https://bestdiscountcigarettes.com');

define('ENABLE_SSL_CATALOG', true); // secure webserver for catalog module

define('DIR_WS_HTTP_CATALOG', '/catalog/');

 

I also followed below post to no success:

http://www.oscommerce.com/forums/index.php?showtopic=316286

 

I do not know where else to turn to for help on this any help would be very much appreciated.

 

Regards, John

[lindsayanng]

what do you mean no success?? what is happening? is there NO SSL, are there errors??

 

this might sound silly, but is your oscommerce site actually in a folder called CATALOG???

[oscommercerules]

I have had no success when going to checkout the website should redirect to SSL page but this is not happening it is staying on the non SSL website.

There are no errors the problem is that the site is not redirecting to SSL links https://bestdiscountcigarettes.com

 

Yes the website was not installed in the root of the website it was installed in a folder called catalog.

[FIMBLE]

define('HTTP_COOKIE_DOMAIN', 'www.bestdiscountcigarettes.com');

define('HTTPS_COOKIE_DOMAIN', 'www.bestdiscountcigarettes.com');

 

should be

define('HTTP_COOKIE_DOMAIN', 'http://www.bestdiscountcigarettes.com');

define('HTTPS_COOKIE_DOMAIN', 'https://www.bestdiscountcigarettes.com');

[oscommercerules]

Hey Nic,

 

Thanks for your help it seems configure file was not allowing update due to chmod access but now I have a problem wherby the SSL is kicking in from the start and none of the images are showing :( http://www.bestdiscountcigarettes.com/catalog/specials.php

 

Please any help would be much appreciated.

[FIMBLE]

So long as this line

define('HTTP_SERVER', 'http://bestdiscountcigarettes.com');

is not https is should be ok.

You're SSL link shows as

 

https://bestdiscountcigarettes.comlogin.php/?

You have slashes in the wrong place

Post you catalog includes configure.php here

Not the passwords section though!

Nic

[oscommercerules]

Hello,

 

I figured out that problem it was the following:

 

code in incudes/configure.php

define('DIR_WS_HTTPS_CATALOG', '');

 

should be:

define('DIR_WS_HTTPS_CATALOG', '/catalog/');

 

But now I have a pop up error when going to secure pages like checkout

 

This page displays both secure and non secure items.

 

Do you want to display non secure images?

 

Help appreciated

[oscommercerules]

Hey Nic,

 

Thanks for your help it seems configure file was not allowing update due to chmod access but now I have a problem wherby the SSL is kicking in from the start and none of the images are showing :( http://www.bestdiscountcigarettes.com/catalog/specials.php

 

Please any help would be much appreciated.

 

Thanks Nic,

 

You have been a great help:

 

Now I have a pop up error when going to secure pages like checkout

This page displays both secure and non secure items.

Do you want to display non secure images?

 

Any idea how to fix this I believe this will complete things.

 

Regards, oscommercerules

[oscommercerules]

So long as this line

define('HTTP_SERVER', 'http://bestdiscountcigarettes.com');

is not https is should be ok.

You're SSL link shows as

 

https://bestdiscountcigarettes.comlogin.php/?

You have slashes in the wrong place

Post you catalog includes configure.php here

Not the passwords section though!

Nic

 

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://bestdiscountcigarettes.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://bestdiscountcigarettes.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'http://bestdiscountcigarettes.com');

define('HTTPS_COOKIE_DOMAIN', 'https://bestdiscountcigarettes.com');

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '/catalog/');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/catalog/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '/home/content/b/e/s/bestdiscount/html/catalog/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/')

[FIMBLE]

Your configure.php is fine,

Your problem comes from the hard coded links on your site.

Your My account link, while itis coded to be SSL links to https://bestdiscountcigarettes.com/catalog/

it should be https://www.bestdiscountcigarettes.com/catalog/ as this is where your configure tells the store to look for SSL

 

Two things you can do

 

1) change the configure.php remove the www.

2) change the links from http://best..... to https://www.best...

 

Nic

[oscommercerules]

Your configure.php is fine,

Your problem comes from the hard coded links on your site.

Your My account link, while itis coded to be SSL links to https://bestdiscountcigarettes.com/catalog/

it should be https://www.bestdiscountcigarettes.com/catalog/ as this is where your configure tells the store to look for SSL

 

Two things you can do

 

1) change the configure.php remove the www.

2) change the links from http://best..... to https://www.best...

 

Nic

 

All www are off but still have the issue how can I get all links on pages which I need to be secure to point to https:bestdiscountcigarettes.com as this also can work as per example: https://bestdiscountcigarettes.com/catalog/images/c_name.gif

 

Maybe I should make all the site SSL do you know how this can be done. Thank you for all your help Nic

 

 

define('HTTP_SERVER', 'http://bestdiscountcigarettes.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://bestdiscountcigarettes.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'http://bestdiscountcigarettes.com');

define('HTTPS_COOKIE_DOMAIN', 'https://bestdiscountcigarettes.com');

 

 

define('HTTP_SERVER', 'http://bestdiscountcigarettes.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTP_CATALOG_SERVER', 'http://bestdiscountcigarettes.com');

define('HTTPS_CATALOG_SERVER', 'https://bestdiscountcigarettes.com');

define('ENABLE_SSL_CATALOG', true); // secure webserver for catalog module

[FIMBLE]

Looks like it already is Bob,

It all seems to be fine to me, i had no pop up messages.

All of your site on SSL could slow it down so just beware of this

Nic

[oscommercerules]

Hey Nic,

 

I made the entire site SSL and it seems to work fine :)

 

What do you think?

 

Also why is there no padlock on the bottom of Internet Explorer 7.0 on Vista

Should there not be padlock below?

 

Thanks

[FIMBLE]

I have it on IE 7 xp pro

Firefox 3.02

Chrome

Safari

 

They all show the padlock fine

Nic

[oscommercerules]

Thanks Nic you are great

[FIMBLE]

Your're welcome :-)

[tinkerbell46325]

Your're welcome :-)

i have a question , my webstie has ssl, but the lock displays only at login, register

once the person is login, starts browsing pages the lock dissapears

when click buy a product' or add to cart, the lock is not there on the page

at checkout' continue' confirm the lock appears again,

Should the site be secure at all times? only during checkout, loggin,register?

i have seen websites that don't have the lock until login ' but i am confuse now

or should i not worry' and keep as it is

Can somebody please help me figure this out please !

Thank you

[FIMBLE]

i have a question , my webstie has ssl, but the lock displays only at login, register

once the person is login, starts browsing pages the lock dissapears

when click buy a product' or add to cart, the lock is not there on the page

at checkout' continue' confirm the lock appears again,

Should the site be secure at all times? only during checkout, loggin,register?

i have seen websites that don't have the lock until login ' but i am confuse now

or should i not worry' and keep as it is

Can somebody please help me figure this out please !

Thank you

 

 

Hi

The purpose of SSL is to protect users details from people intercepting them, so any file that has

customers names and addresses, credit card details etc should have SSL, the rest is fine.

Even though the customer is looged in the details are no where to be seen / found so therfore safe.

 

Its worth mentioning though that Admin should be secure too.

 

Nic

[Sir Lance]

Hi I have installed OpenSSL on my PC at home to create some certificates for PAYPAL.

 

What I now would like to know, is Can I use OpenSSL as my SSL certificates instead of paying my web host $200 / year ??

 

 

And what do i Need to do to implement this ? Ie do I need to open some files into a \usr\bin\openssl dir ??

 

SL

[tinkerbell46325]

Hi I have installed OpenSSL on my PC at home to create some certificates for PAYPAL.

 

What I now would like to know, is Can I use OpenSSL as my SSL certificates instead of paying my web host $200 / year ??

 

 

And what do i Need to do to implement this ? Ie do I need to open some files into a \usr\bin\openssl dir ??

 

SL

I would like to know that also??? i never thought about that, Some SSL info here

nurdletech.com/https.html

About the security Lock I want it to show up from Login through the checkout, without skiping pages

If anybody knows how to do this please let me know? if it's possible

[germ]

This will work (I think) Hanna:

 

Click Me

 

Only, in your case, since you have a store in the root, the file you need to alter would be /includes/functions/html_output.php

 

(Stay out of the /catalog folder ;) )

 

It should make all the pages SSL after they log in.

 

It's really not necessary, but if that's what you want - go for it girl!!!

:lol:

[tinkerbell46325]

This will work (I think) Hanna:

 

Click Me

 

Only, in your case, since you have a store in the root, the file you need to alter would be /includes/functions/html_output.php

 

(Stay out of the /catalog folder ;) )

 

It should make all the pages SSL after they log in.

 

It's really not necessary, but if that's what you want - go for it girl!!!

:lol:

Yes i'll try this and Thanks