smartwork Posted April 1, 2003 Share Posted April 1, 2003 After reading a TON of info here about ssl, here's a question I have. Set-up: My host offers a shared certificate but as with this, any https URLS use a different domain: my site: http://www.mydomain.com my secured addresses: https://my.host.com/~username/files_needing_ssl I can access any file using the https format, so I can access the admin directly like that, BUT once I reach the admin/index.php page, all those links are using the non-secured http://www.mydomain.com format which defeats the purpose because I then lose ssl. How can I change that? I need a way of keeping osc from adding http://www.mydomain.com (HTTP_CATALOG_SERVER) to the URLs and add https://my.host.com/~username (HTTPS_CATALOG_SERVER) to them. I've looked all around and see where the files are named (application_top.php), but I don't see a good way of getting the https URL in there. configure.php only asks for the https catlog server. Why not ask the same thing for the admin server and this would all be solved (I think). Seems like such a logical addition - maybe I'm overlooking something and simplifying it too much after staring at it too long. :shock: Anyone? Thanks! Link to comment Share on other sites More sharing options...
Guest Posted April 1, 2003 Share Posted April 1, 2003 did you switch the https (secure connection) ON from within configure.php file/s ? Jan Link to comment Share on other sites More sharing options...
smiley Posted April 1, 2003 Share Posted April 1, 2003 In admin/includes/configure.php you can force an https connection by specifying your https link. Just remember to always access admin by typing in your https://... I find this works for almost everything. Seems the database won't back up in https but is easily worked around. :) HTH Neil Common sense is genius dressed in working clothes. Ralph Waldo Emerson Link to comment Share on other sites More sharing options...
smartwork Posted April 1, 2003 Author Share Posted April 1, 2003 Jan - Yep, pretty sure. I believe this to be correct: define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module define('ENABLE_SSL', true); // secure webserver for checkout procedure? Smiley - I've got this entered into my configure files. Is this where you're specifying yours or your describing somewhere else? define('HTTPS_SERVER', 'https://my.host.com/~username'); define('HTTPS_CATALOG_SERVER', 'https://my.host.com/~username'); Thanks to you both! -shaun Link to comment Share on other sites More sharing options...
smartwork Posted April 1, 2003 Author Share Posted April 1, 2003 Oh, and I've even checked my original osc configure files but when setting the catalog/includes/configure.php SSL to true there are NOT any single quotes, yet when you set the admin/includes/configure.php to enable SSL there are single quotes around 'true". Initially I thought that a bit strange but still getting familiar with file protocol. That's how my original files show them. -shaun Link to comment Share on other sites More sharing options...
smiley Posted April 2, 2003 Share Posted April 2, 2003 Hi, admin/includes/configute.php define('HTTP_SERVER', 'https://*******.com/~username/directory'); // eg, http://localhost or - https://localhost should not be NULL for productive servers define('HTTP_CATALOG_SERVER', 'http://*****.com/directory'); define('HTTPS_CATALOG_SERVER', 'https://******.com/~username/directory'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module In my browser I type in https://*******.com/~username/directory/admin for sensitive stuff Note: It is still accessible by http://*******.com/directory/admin :!: You have to remember to us https://.... :) HTH Neil Common sense is genius dressed in working clothes. Ralph Waldo Emerson Link to comment Share on other sites More sharing options...
smartwork Posted April 2, 2003 Author Share Posted April 2, 2003 hey there, smiley - Thanks for the input. How can you put the directory on the ends of the URL variables without it being duplicated later? For instance, if osc is installed in the catalog directory, are you putting putting in this: https://*******.com/~username/catalog If so, how do you not later get URLs with https://******.com/~username/catalog/catalog/... when the other segments are added to it? Please check this thread out to see if you might have any advice. It would GREATLY be appreciated. I feel like I'm ALMOST there but can't quite work out the kink. Thanks! http://www.oscommerce.com/forums/viewtopic.php?t=39602 Link to comment Share on other sites More sharing options...
smiley Posted April 2, 2003 Share Posted April 2, 2003 Hi, Ok. You can leave the directory out if it suits you. I install Osc into a directory. In that way I can have more than one store or have another database application running. The admin for /xyz can be in /xyz/adminDirectory http://www.12website.com/shop/ - has it's own admin http://www.12website.com/store/ - has it's own admin http://www.12website.com/community/ - has it's own admin :) HTH Neil Common sense is genius dressed in working clothes. Ralph Waldo Emerson Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.