Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

ssl with shared certificate


smartwork

Recommended Posts

After reading a TON of info here about ssl, here's a question I have.

 

Set-up: My host offers a shared certificate but as with this, any https URLS use a different domain:

 

my site: http://www.mydomain.com

 

my secured addresses: https://my.host.com/~username/files_needing_ssl

 

I can access any file using the https format, so I can access the admin directly like that, BUT once I reach the admin/index.php page, all those links are using the non-secured http://www.mydomain.com format which defeats the purpose because I then lose ssl.

 

How can I change that? I need a way of keeping osc from adding http://www.mydomain.com (HTTP_CATALOG_SERVER) to the URLs and add https://my.host.com/~username (HTTPS_CATALOG_SERVER) to them. I've looked all around and see where the files are named (application_top.php), but I don't see a good way of getting the https URL in there. configure.php only asks for the https catlog server. Why not ask the same thing for the admin server and this would all be solved (I think). Seems like such a logical addition - maybe I'm overlooking something and simplifying it too much after staring at it too long. :shock:

 

Anyone?

 

Thanks!

Link to comment
Share on other sites

In admin/includes/configure.php you can force an https connection by specifying your https link.

Just remember to always access admin by typing in your https://...

 

I find this works for almost everything.

Seems the database won't back up in https but is easily worked around.

:)

HTH

Neil

 

Common sense is genius dressed in working clothes.

Ralph Waldo Emerson

Link to comment
Share on other sites

Jan -

 

Yep, pretty sure. I believe this to be correct:

 

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

 

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

 

 

Smiley -

 

I've got this entered into my configure files. Is this where you're specifying yours or your describing somewhere else?

 

define('HTTPS_SERVER', 'https://my.host.com/~username');

 

define('HTTPS_CATALOG_SERVER', 'https://my.host.com/~username');

 

 

Thanks to you both!

 

-shaun

Link to comment
Share on other sites

Oh, and I've even checked my original osc configure files but when setting the catalog/includes/configure.php SSL to true there are NOT any single quotes, yet when you set the admin/includes/configure.php to enable SSL there are single quotes around 'true".

 

Initially I thought that a bit strange but still getting familiar with file protocol. That's how my original files show them.

 

-shaun

Link to comment
Share on other sites

Hi,

admin/includes/configute.php

 

define('HTTP_SERVER', 'https://*******.com/~username/directory'); // eg, http://localhost or - https://localhost should not be NULL for productive servers

define('HTTP_CATALOG_SERVER', 'http://*****.com/directory');

define('HTTPS_CATALOG_SERVER', 'https://******.com/~username/directory');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

 

In my browser I type in https://*******.com/~username/directory/admin for sensitive stuff

 

Note: It is still accessible by http://*******.com/directory/admin :!:

You have to remember to us https://.... :)

HTH

Neil

 

Common sense is genius dressed in working clothes.

Ralph Waldo Emerson

Link to comment
Share on other sites

hey there, smiley -

 

Thanks for the input. How can you put the directory on the ends of the URL variables without it being duplicated later? For instance, if osc is installed in the catalog directory, are you putting putting in this:

 

https://*******.com/~username/catalog

 

If so, how do you not later get URLs with https://******.com/~username/catalog/catalog/... when the other segments are added to it?

 

Please check this thread out to see if you might have any advice. It would GREATLY be appreciated. I feel like I'm ALMOST there but can't quite work out the kink.

 

Thanks!

 

http://www.oscommerce.com/forums/viewtopic.php?t=39602

Link to comment
Share on other sites

Hi,

Ok. You can leave the directory out if it suits you.

I install Osc into a directory.

In that way I can have more than one store or have another database application running. The admin for /xyz can be in /xyz/adminDirectory

 

http://www.12website.com/shop/ - has it's own admin

http://www.12website.com/store/ - has it's own admin

http://www.12website.com/community/ - has it's own admin

:)

HTH

Neil

 

Common sense is genius dressed in working clothes.

Ralph Waldo Emerson

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...