Non-Secure Form

[2johnsons]

Im testing my website/checkout when I go through the whole procedure at the end when the order is submitted and Im being shown at the top of the page "The order has been processed" when I select continue I get a message saying " This is a non-secure form" what do i have to do the prevent this from happening I don't want customers to be worried about the order they just placed and their information.

 

Thank you for any information/help help

[♥geoffreywalton]

Do you have an ssl certificate installed?

[doesthiscount]

Hi,

 

I have the same problem and yes I do have a valid certificate.

 

I read the windows help and it said:

 

---------------------

What does it mean when I have both secure and non-secure (mixed) content?

Secure and non-secure content, or mixed content, means that a webpage is trying to display elements using both secure (HTTPS/SSL) and non-secure (HTTP) web server connections. This often happens with online stores or financial sites that display images, banners, or scripts that are coming from a server that is not secured.

 

The risk of displaying mixed content is that a non-secure webpage or script might be able to access information from the secure content.

 

 

 

Note

 

Internet Explorer uses an encrypted protocol called Secure Sockets Layer (SSL) to access secure webpages. These pages use the prefix HTTPS, while regular webpages use HTTP.

--------------------------------

 

I would like the warning box to go away, just dont know how. Thanks for the help in advance.

[doesthiscount]

This link solved my problem: I had http when i should of had a https link.

 

http://www.oscommerce.com/forums/index.php?sho...-secure+content

 

Hope it help!

[2johnsons]

Do you have an ssl certificate installed?

 

Yes I do have an SSL Certificate.

[germ]

Your /catalog/includes/configure file is incorrect.

 

What do you have for:

 

  define('HTTPS_SERVER', '');
 define('HTTPS_COOKIE_DOMAIN', '');

[2johnsons]

Your /catalog/includes/configure file is incorrect.

 

What do you have for:

 

  define('HTTPS_SERVER', '');
 define('HTTPS_COOKIE_DOMAIN', '');

 

Both of these areas on my site are empty. (see below)

 

define('HTTPS_SERVER', ''); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', false); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', '');

define('HTTPS_COOKIE_DOMAIN', '');

[germ]

  define('HTTPS_SERVER', 'https://flawnt.net'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', 'true'); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', '.flawnt.net');
 define('HTTPS_COOKIE_DOMAIN', '.flawnt.net');
 define('HTTP_COOKIE_PATH', '/');
 define('HTTPS_COOKIE_PATH', '/');

Try those settings.

[2johnsons]

  define('HTTPS_SERVER', 'https://flawnt.net'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', 'true'); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', '.flawnt.net');
 define('HTTPS_COOKIE_DOMAIN', '.flawnt.net');
 define('HTTP_COOKIE_PATH', '/');
 define('HTTPS_COOKIE_PATH', '/');

Try those settings.

 

I made the change and Im still getting the same response at the end when I want to continue after the order is processed.

"This form will be sent in a way that is not secure. Are you sure you want to send it?"

 

I was also told that I need to recreate the links via "https" by my host and SSL Certificate provider. (what does this actually mean and how do I do this)

[germ]

The site still isn't recognizing that SSL is "on".

 

Start with the first post here:

 

SSL Help

[2johnsons]

The site still isn't recognizing that SSL is "on".

 

Start with the first post here:

 

SSL Help

 

Im trying this add on and Im getting this error

 

No input file specified.

[germ]

The cfgchk.php file pinpoints the problem:

 

cfgchk.php Version 1.1

 

local config file found!

Processing it first...

 

File Permissions: 0644

 

Found ENABLE_SSL.

 

define('ENABLE_SSL', 0);

 

SSL may not be enabled!

In /catalog/includes/local/configure.php change:

 

define('ENABLE_SSL', 0);

to

 

define('ENABLE_SSL', 1);

[2johnsons]

The cfgchk.php file pinpoints the problem:

 

 

In /catalog/includes/local/configure.php change:

 

define('ENABLE_SSL', 0);

to

 

define('ENABLE_SSL', 1);

 

 

I made the changes and still get this.

 

Your Order Has Been Processed!

 

Your order has been successfully processed! Your products will arrive at their destination within 2-7 business days.

 

Please notify me of updates to the products I have selected below:

Loop

 

Thanks for shopping with us online!

And when I select "continue" thats when I get "this is not a secure form" Im not understanding whey because https appears in the address bar just before i select confirm and finished then when i select continue the message appears.

[germ]

I just tried it again:

 

cfgchk.php Version 1.1

 

local config file found!

Processing it first...

 

File Permissions: 0644

 

Found ENABLE_SSL.

 

define('ENABLE_SSL', 0);

 

SSL may not be enabled!

Nothing has changed...

<_<

[2johnsons]

I just tried it again:

 

 

Nothing has changed...

<_<

 

Sorry about that I did not save the changes I made. I will attempt it again to see the results I get when going through the check out process

[2johnsons]

Sorry about that I did not save the changes I made. I will attempt it again to see the results I get when going through the check out process

 

Jim thank you for your patience and help. I did not get the message again indicating its a non secure form.

How can I add HTTPS to the "log yourself in" page and "the create an account page"

 

Thank you again.

[germ]

How can I add HTTPS to the "log yourself in" page and "the create an account page"

You just did.

;)

 

And you're welcome.

:)