CVC505 Posted June 26, 2003 Posted June 26, 2003 I know this is a repeat of a problem others have had but I have not seen a definitive answer and since there seems to be a significant number of use having this problem I will ask again. I use a service that will provide a shared ssl certificate. In order to use it I must store the files I want secured in a separate directory: Normal pages: http://some.domain.com/catalog Secured directory http://some.domain.com/secure/catalog I have modified the configure.php file in both the catalog and the admin section so that the correct web site addresses are referenced for the secure and the normal web pages. The store works fine until you try to ?check out? or go to another ?secured page?. Then the web browser will be redirected to: ?https://some.domain.com/secure/catalog/check_out_shipping.php ?lafbfakfkkhhsfa? At this point the browser displays the Page not found error. I have tried copying just the ?check_out_XXX.php files to the secured folder but with no success. In reviewing the postings on this as well as the other OScommerce site I find the following suggested solutions: 1. Use a symbolic link to point from the https to the http files. (This will need to be done by the hosting server webadmin I think as I see no way for me to do it from my cpanel.) 2. Store ALL the files in both directories. (This could get to be a management as well as a space use nightmare) 3. Store only some of the files in the secure subfolder (No one has indicated which ones, this would be a more acceptable solution) 4 .Switch service providers. (Not always possible) 5. Buy your own SSL certificate (not always as option for those of use just starting) I would vote for option 3 if someone could only tell us which files we would need to move to the secure space. All you OScommerce gurus out there, how about it? Rick Hanzlik
justinswa Posted July 14, 2003 Posted July 14, 2003 this is my question too, just bringing it back to the top of the board
pimlico Posted July 15, 2003 Posted July 15, 2003 I'm having the same problem -- please help Sean :cry:
Guest Posted July 15, 2003 Posted July 15, 2003 some of us have less skills on this than many,,, so please help us with this issue,, there seem to be several with the same problem thanks in advance Tom
Guest Posted July 15, 2003 Posted July 15, 2003 3. Store only some of the files in the secure subfolder (No one has indicated which ones, this would be a more acceptable solution)You will probably need to copy the entire includes directory tree. The alternative is to go through each file from the catalog directory and trace all its includes (remember, if it includes a file, you have to check what files that file includes and so on). Note: this will still result in copying most of them. In the base catalog directory, you can get by with just those pages that you actually want to appear: checkout_shipping.php, etc. Good luck, Matt
justinswa Posted July 15, 2003 Posted July 15, 2003 nope, I just don't tink anybody though about shared ssl when they wrote this. There is no way to make it work :evil:
Guest Posted July 16, 2003 Posted July 16, 2003 I am having the same problem. I am on a server where one cerificate is shared -- I was going to try the symlink -- but can't do that as the shared ssl server already has an /admin directory which is linked to another program -- Someone must have the answer.
Guest Posted July 16, 2003 Posted July 16, 2003 I have a shared certificate on my server. I have also used MS1 and now testing MS2. I only have 1 location where my files are. My results are this: MS1 - No problems to report. MS2 - No problems to report. I haven't had any problems with my site using a shared certificate. Here are examples of my URL's: Normal: http://www.thevinyladvantage.com/catalog Secure: https://www.securednshost.com/~thevinyl/catalog My site switches back and forth between the two URL's with no problems. If you have a shared certificate, your URL is going to be different from your normal URL. You won't have URL's that look like this with a shared certificate: http://www.mysite.com https://www.mysite.com Contact your hosting company to find out what your "real" secure URL is. I thought I new mine (I used my server name) but was wrong, and after my host told me the correct URL, it has be great ever since. Hope this helps.
Geotex Posted July 16, 2003 Posted July 16, 2003 I had the same problem. Copied the entire catalog less any images for my stock items. I did not copy any of the admin to the directory. I then created another default.php (now index.php) that redirects the customer back to the non-ssl server after logging in or completing a purchase. That is the only solution I have found to make it work. I put in the redirect page because I did not want the hassle of trying to maintain double sites when the only time they see the secure main page to the cart is after a return customer logs in. This way, anytime secure.....catalog/default or index.php gets called, they are returned to the http cart. In the configure.php, I have to reference the ssl server as https://somesecure.com/mysite.com, which is not just specific to my hoster for accessing the ssl directory. Take a look at it in action at http://www.shirleyscathouse.com or http://www.dewmag.com, just 2 of the live sites I manage that we had to do this to get the secure sign up, login, and customer checkout to work. If you need more help on this, let me know, I will assist as I can. GEOTEX from Houston, TX (George)
Guest Posted July 16, 2003 Posted July 16, 2003 I copied all of the files -- still have problems as I get a fatal error. I think something may be wrong with the code. Fatal error: Call to undefined function: tep_parse_input_field_data() in /www1/secure.ixtnet.com/html/catalog/includes/functions/html_output.php on line 228 The actual code it refers to begins on line 224 with the first blank line at 228 -//// // Output a form textarea field function tep_draw_textarea_field($name, $wrap, $width, $height, $text = '', $parameters = '', $reinsert_value = true) { $field = '<textarea name="' . tep_parse_input_field_data($name, array('"' => '"')) . '" wrap="' . tep_parse_input_field_data($wrap, array('"' => '"')) . '" cols="' . tep_parse_input_field_data($width, array('"' => '"')) . '" rows="' . tep_parse_input_field_data($height, array('"' => '"')) . '"'; if (tep_not_null($parameters)) $field .= ' ' . $parameters; $field .= '>'; if ( (isset($GLOBALS[$name])) && ($reinsert_value == true) ) { $field .= $GLOBALS[$name]; } elseif (tep_not_null($text)) { $field .= $text; } $field .= '</textarea>'; return $field; } Anyone see the problem here?
Geotex Posted July 16, 2003 Posted July 16, 2003 Do you have -->excatly<-- the same directory structure on both the public and secure directories? Are you properly defining the secure sever address in configure.php? define('HTTPS_SERVER', 'https:// '); could be define('HTTPS_SERVER', 'https://www.secureservice.com'); (substitute the name your hoster gave you). You may or may not need to add your domain. On our servers, the domain is added automatically to give https://www.secure.com/my.com GEOTEX from Houston, TX (George)
Guest Posted July 16, 2003 Posted July 16, 2003 Do you have -->excatly<-- the same directory structure on both the public and secure directories? Are you properly defining the secure sever address in configure.php? define('HTTPS_SERVER', 'https:// '); define('HTTPS_SERVER', 'https://www.secureservice.com'); (substitute the name your hoster gave you). I am pretty sure I've copied all the necessary files. I did not copy product images. I know I have the correct server name -- my url has a dedicated ip address -- I have 30 other domains on the same server -- many use the the secure url -- You may or may not need to add your domain. On our servers, the domain is added automatically to give https://www.secure.com/my.com Perhaps I need to add the sub directory /catlog, but I don't think so. I am beginning to believe I might not have permissions set correctly My current problem seems to be the fatal error Appreciate your thoughts -- I will double check on the files duplication. best, M
Geotex Posted July 16, 2003 Posted July 16, 2003 I know I have the correct server name -- my url has a dedicated ip address -- I have 30 other domains on the same server -- many use the the secure url -- Perhaps I need to add the sub directory /catlog, but I don't think so. I am beginning to believe I might not have permissions set correctly Well, good luck with it. I moved a bunch of my accounts to the current servers just about a year ago, and had a terrible time getting everything set up. I bought a perl cart that I never could get working on them. Seems only the guy that wrote it could, so moved them back to one of the other hosting companies I use, similar setup, but worked perfectly. I haven't tried the osCommerce cart on the old site, as our new hosting service does a better job of keeping up with PHP and mySQL security updates. GEOTEX from Houston, TX (George)
visioncomputing Posted July 17, 2003 Posted July 17, 2003 Having the same problem. My shared SSL is https://www.securewebexchange.com/domain.com and my normal domain is www.domain.com. The_Bear has said that all you have to do is edit the configure files and you don't have to copy the files over to the secure server, although I don't see how it's possible to do it without copying some files to the secure directory. I've been looking for hours and all I'm getting is dead ends. Anyone?
Guest Posted July 17, 2003 Posted July 17, 2003 I have it working. I copied all the files in the /catalog directory to the secure server. I didn't copy the admin folder -- the checkout now seems to be working except many of the images which aren't loading. (boxes etc.), so the page looks incomplete. The path to the images seems to be correct so I am stumped. Probably something simple, but at least I am getting close to opening the store to the world. This is my first OSCommerce store -- Thankfully, there are so many people willing to help.
Guest Posted July 17, 2003 Posted July 17, 2003 I am also having a problem with shared ssl. I have enabled SSL and defined the https server as https://sonicstars.infinology.com (this has been confirmed by my ISP) in admin/includes/configure.php and catalog/includes/configure.php. However, it does not automatically switch to the secure server when I checkout. I can view the site ok by entering https://sonicstars.infinology.com in the url, however, when I cursor over the "checkout" link, it is linking to the non-secure server? thanks for any help anyone can offer. Chris Thomas
Geotex Posted July 17, 2003 Posted July 17, 2003 Having the same problem. My shared SSL is https://www.securewebexchange.com/domain.com and my normal domain is www.domain.com. The_Bear has said that all you have to do is edit the configure files and you don't have to copy the files over to the secure server, although I don't see how it's possible to do it without copying some files to the secure directory. I've been looking for hours and all I'm getting is dead ends. Anyone? Appears we are using the same hosting service. I had to copy all the catalog files and images. No admin, or product images. Also had to do a redirect page for returning customers logging in, and when a customer completes an order, as it left them in the secure site with no images. for your https server, just use https://www.securewebexchange.com with no reference to your domain name. Also, with this server, you must have the www. or it won't load. GEOTEX from Houston, TX (George)
visioncomputing Posted July 18, 2003 Posted July 18, 2003 Thanks for the reply George. I think I'm just going to go with my own cert from Thawte and bypass all of the setup problems.
unistar Posted July 18, 2003 Posted July 18, 2003 With my previous provider I had all files in HTTP://. A redirection (.htacess, other?) was put in HTTPS:// for all calls there would go securely but access files from HTTP:// What does the .htaccess file (or other) need to like like for this to work?
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.