Misteraven Posted February 19, 2003 Posted February 19, 2003 I searched through a million old threads and dont see much about this so... I'm wondering what the best way is to set up SSL on a virtual host using Apache. I already changed the virtual host to IP based to prepare it, but I'm kind of lost about what to do next. To get SSL to work I need to specify a port (port 443), and when i do http (port 80) stops working so nothing at http://www.domain.com works. Is there a way to get these to work together in the same virtual host or do I actually set up two virtual hosts for the same domain and specify the ports to route traffic between http and https? Thanks in advance for the help...
Misteraven Posted February 20, 2003 Author Posted February 20, 2003 So far the best advice I've recieved is to set up two virtual hosts for the same domain - One for http and the other for https. However, if I did this it would mean that if the admin was secured with ssl, that all product shots would need to be uploaded twice. Actually much of the content would have to be mirrored. Surely there's a better solution than this? Can someone who's done this please clue me in on how to set it up? I'd be eternally greatful for some help with this...
Misteraven Posted February 20, 2003 Author Posted February 20, 2003 Anyone out there who has OSCommerce set up on a virtual host with SSL? There's no mention of how SSL should be set up in any documentation I've found and there are several ways to configure SSL (Seperate virtual hosts, symbolic links, etc). Please, if anyone done this... take a moment to share how its done.
Misteraven Posted February 20, 2003 Author Posted February 20, 2003 searched another couple dozen pages worth of old posts and still not finding anything. Please help...
Misteraven Posted February 20, 2003 Author Posted February 20, 2003 After looking at config.php, I'm wondering if the fact that they ask to specify the seperate servers for http and https is an indication that these are in fact meant to be set up as seperate virtual hosts. But if so, how does it handle securing the admin with https and still having the product images show up in both http and https pages? Please, someone help...
Guest Posted February 20, 2003 Posted February 20, 2003 This really isn't an OSC problem...It seems to me that setting up Apache is the problem. Have you looked at their docs?
Misteraven Posted February 20, 2003 Author Posted February 20, 2003 Ah... thank you BirdBrain for at least noticing my pleas for help. I know how to configure Apache (at least get what I need done). I've gone ahead and set up a second virtual host for SSL. Basically it's the same thing as the http counterpart, except i included the SSL directives, and specified a different directory as the document root. I am able to see a test page just fine. My question is, how do you set up OS Commerce to make use of the SSL? I originally didnt have SSL when I installed so can i simply make the changes to the config.php file to specify the https server or should I reinstall? Also, since https is physically a different location, do i need to copy over the pages I want to secure into my secured directory, or do i mirror the entire install? If I do this, wont images upload to the secured directory if Admin is secured leading to a lot of broken images in my catalog pages? As you can see, I'm confused about the how OSC uses SSL and what the OSC install should look like to get SSL working.
Guest Posted February 20, 2003 Posted February 20, 2003 Change the catalog/includes/configure.php and the admin/includes/configure.ph to reflect your changes. They are both pretty self-explanatory. If you get stuck try a search of the forums for SSL set up....it gets discussed a lot.
Misteraven Posted February 20, 2003 Author Posted February 20, 2003 In your opinion, should I reinstall? Simply changing the config.php file to reflect the newly created virtual host with ssl, doesnt mean that there will actually be any files in the new directory since http://www.domain/catalog/default.php is actually an entirely different directory from https://www.domain/catalog/default.php.
Guest Posted February 20, 2003 Posted February 20, 2003 As long as you have your HTTP and HTTPS on the same physical machine simply changing the configure files should be fine. The script simply "calls" the files through the HTTPS. If your server set up doesn't support that then you will need to copy the files to HTTPS.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.