Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SSL Security Warning


agtlewis

Recommended Posts

I would like some people to visit my website, click on checkout, and tell me if they get a security warning regarding the ssl certificate. This is a trial certificate from instantssl.com and they said that they were a recognized certificate authority but my browser says that I have chosen not to trust them.

 

www.astions.com

 

This cert was free and I am debating on whether or not to buy one from them.

Link to comment
Share on other sites

i had tried your website. yes there is a security warning regarding the ssl certificate.

 

your certificate is working just fine.

 

btw, i had a question on ssl:

a. my initial install i had unchecked the secured transaction, however now i would like to enable it.

 

instead of doing the install again, may i just edit the configure.php in catalog/includes and admin/includes to enable it?

 

https://localhost - should not be NULL for productive servers

define('ENABLE_SSL', false); // secure webserver for checkout procedure?

 

are there more settings need to be make? because once i had set it to 'true', i am not able to proceed to 'checkup', "the page cannot be display"

 

cheers!

Link to comment
Share on other sites

This cert was free and I am debating on whether or not to buy one from them.

 

I get it too...

 

I got a free cert from freessl.com and it only gives me that on Opera. I guess freeSSL is included in the default "trusted" orginizations on IE and Netscape.

The only thing necessary for evil to flourish is for good men to do nothing

- Edmund Burke

Link to comment
Share on other sites

We get the security warning too, but we have a Thawte certificate. Its a new installation and a new server mind you, but any experts, please feel free to peruse this information and give your input:

 

We get a popup when trying to check out saying the following page contains insecure items. User is sent to checkout_payment.php and it is an http URL at the top. Previous page was https.

 

Programmers are telling me that this is happening because there is no _SERVER[HTTPS] with the value of "on" located in the "PHP Variables" section of this file: https://www.hairlosstalk.com/progs/shop/adm...server_info.php

 

I told the server admin, he turned it on, and the whole store broke. 500 server errors everywhere. So he turned it back off.

 

Are any of you familiar with this apache variable and it needing to be present, and on? Could you take a quick look at your server_info.php files and tell me if its there? Its within "PHP Variables" and typically within the first 10 rows of the table.

 

The only way they say to fix the problem (true, it worked on the old store) was to change the definition of <base> in several pages of the store code. <base> defines for the store and the browser where to look for everything. In this case they manually changed all the necessary files to read https://www.hairlosstalk.com/etc/etc/etc. Basically they hardcoded it, rather than letting the server do it. I don't want all this customization on the new store.

 

Any help you can give would be much appreciated.

 

By the way, also note that when in the admin section, on that intro-dark-blue screen, lower left corner, it says "You are NOT protected by a secure connection".... when in fact we are.

.

www.hairlosstalk.com

Consumer Hair Loss Information & Support

Link to comment
Share on other sites

I have a similar problem. I have an image on my page, but I'm using the https url to avoid ssl warnings. Now the image is linking to a secure paypal page. The problem is when someone tries to access an unsecure page, the image does now show up - red X. It only shows up on secure pages.

 

Is there a way to get around this?

I tried changing the url to use a relative url, but still weird. Is the problem caused by the url the image is linking to - it's paypal's https.

 

 

Thx

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...