Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SSL Help


AJ

Recommended Posts

I've been reading the forums for awhile now, and can't seem to quite find the answer to my question...

 

I have SSL working, but I don't receive the padlock. I've tracked this down and determined the images are not being loaded from the SSL server. While the credit card box is reported as secure (right click, properties) the images are not, therefore making the page display to the visitor as non-secure.

 

Any ideas ? Suggestions ? Please... :)

 

You can see it for yourself, http://www.creationpc.com/catalog

 

Thanks!

 

AJ

Link to comment
Share on other sites

It depends on your SSL configuration...

 

But try this, it worked for me. Search for the line:

 

<base href="<?php echo (getenv('HTTPS') == 'on' ? HTTPS_SERVER :

HTTP_SERVER) . DIR_WS_CATALOG; ?>">

in the pages that go over SSL and replace that line with this:

<base href="<?php echo HTTPS_SERVER . DIR_WS_CATALOG; ?>">

 

I suggest trying with just one page first to see if it makes and difference.

 

Please back up first.

Link to comment
Share on other sites

Here is a better explination on what is happening.

 

When you start the checkout, some of the page is secure, but you get no padlock, becuase the images are not coming from the HTTPS server.

 

The entire problem is that images are still being pulled from the HTTP server. How in the world can this be changed ?

 

Thanks!

Link to comment
Share on other sites

You are right in what you are saying but what i find strange is that you should have a security window that comes up and advise you that spme parts of the page is not secure but it does'nt !

Link to comment
Share on other sites

I do get this window/warning, but the padlock does not appear. Well, it appears, for a brief moment.

 

Granted I understand the credit card portion of the page is secure, some people may not understand this.

 

I guess osCommerece is not able to handle a shared SSL certificate very well, and I can accept that. But I wonder why some people have success while others don't?

Link to comment
Share on other sites

I'm having the exact same problem. I've seen some other threads indicating similar problems. I think this could be fixed in the apache config by using two seperate virtual servers. One for secure and one for normal. The only problem here is that my SSL cert is set for www.mydomain.com, so If i moved it to secure.mydomain.com I'd need to get the cert re-issued.

 

Does anyone have another solution?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...