Rodland Posted July 5, 2003 Author Posted July 5, 2003 I just asked my hosting company to do it for me. I don't know how it is done via a command line, but I noticed from the server that the httpsdocs directory has become some kind of alias. CMR p.s. anyone here know anything about GPG ?
Daemonj Posted July 5, 2003 Posted July 5, 2003 I am guessing that they setup a symlink from the secure folder to your standard folder. If you would not mind, ask your host's support department what they did so we can all learn. "Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein
Rodland Posted July 5, 2003 Author Posted July 5, 2003 Susan was the one who suggested this above. Hey Susan, you there? How do you do this? CMR
ViolentForce Posted July 7, 2003 Posted July 7, 2003 I have communicated with Susan by email and this is what she sent me on how to do this. You must have root access to do this by telnet or it's better to just ask your host to do it for you. This will only work if your secure directory is on the same server as your domain that OSC is installed on. If the secure directory is on another server, you must have a copy of all your files there too. I hope this helps explain it a little better for everyone. Ok, this is my situation: I've purchased an SSL certificate and installed it on my server under my domain. Then I have to telnet and create a config file to each other domains (vhosts) that reside on this server, so they can share my certificate and without having them copy the same exact files to a "secure directory". You can do it yourself if you have root access. If you don't, your hosting provider could make the configuration for you. here's the instruction using telnet: Make sure you name the config file yourdomain.com :443 in the "/etc/httpd/conf/vhosts/ssl" folder, so you may know the difference between each config file. Also in the conf folder you must make sure you have "SSLEnable" in there so it would look something like this: NameVirtualHost yourdomain.com <virtualhost yourdomain.com:443> ServerAdmin [email protected] DocumentRoot /home/admin/ssl/username ServerName yourdomain.com ServerAlias www.yourdomain.com Group nobody ErrorLog logs/yourdomain.com.error_log CustomLog logs/beadsourcela.com.access_log wusage SSLEnable SSLCACertificatePath /etc/httpd/conf/ssl.crt SSLCertificateFile /etc/httpd/conf/ssl.crt/main.com.cert SSLCertficateKeyFile /etc/httpd/conf/ssl.key/main.com.key SSLVerifyClient 0 SSLVerifyDepth 10 SSLFakeBasicAuth SSLCacheServerPort /home/httpd/ssl.socket SSLSessionCacheTimeout 300 </virtualhost> make sure you change yourdomain.com to the vhost or actual domain name in each line, also username to the username of that domain main.com to the domain name that owns the certificate don't forget that this is an exapmle, the path may be different according to your server setup. you must check with your hosting provider. I hope this will help. Do not make any changes unless you checked with your host and it's probably better if they do it.
Daemonj Posted July 7, 2003 Posted July 7, 2003 Thanks for posting that information! :) "Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein
Aqua121 Posted July 8, 2003 Posted July 8, 2003 THANX Andrew for your posting! :wink: hey Jim, would you mind checking this post? it's still bothering me... :dontgetit: Cheers, Susan * * * * * Find a way, or make one!
Aqua121 Posted July 8, 2003 Posted July 8, 2003 hey Jim,would you mind checking this post? it's still bothering me... :dontgetit: oh, yeah, :blush: this one: http://www.oscommerce.com/forums/viewtopic.php...highlight=https Cheers, Susan * * * * * Find a way, or make one!
Guest Posted July 8, 2003 Posted July 8, 2003 I think I may have my server set up correctly, and I can see the pages when I am using the https addresses, but ALL of the images are not showing on the SSL pages. It's looking for the page at the right address, but it's looking for the images at the http address, just with an https. example: https://secure.server.com/~username/shop/ca...log/default.php - is showing all of the text, but https://my.domain.com/shop/catalog/image1.jpg - it says secure connection failed. In the config.php I have the https server set to https://secure.server.com/~username/subdirectory/ any ideas? I have that subdirectory because I am hosting another domain on my address. Thanks for any clues. My host doesn't have a whole lot of info on configuring SSL. M@
Aqua121 Posted July 12, 2003 Posted July 12, 2003 I think I may have my server set up correctly :D that's always a good start! and I can see the pages when I am using the https addresses, but ALL of the images are not showing on the SSL pages. it looks like you have to have all files - including images - duplicated also in the secure directory https://secure.server.com/~username/shop/catalog/default.php - is showing all of the text, but https://my.domain.com/shop/catalog/image1.jpg - it says secure connection failed. In the config.php I have the https server set to https://secure.server.com/~username/subdirectory/ exactly! that's your secure directory. my.domain.com is not secured, so use http:// in front of it :wink: good luck! cheers Cheers, Susan * * * * * Find a way, or make one!
pjones Posted July 25, 2003 Posted July 25, 2003 We seem to have come full circle here. Susan's last post implies we do need to duplicate files in the secure directory. Does anyone have a definitive answer on this?
Guest Posted July 25, 2003 Posted July 25, 2003 Unfortunately, the definitive answer is that it depends on your setup. Most of the includes tree needs to be available to both secure and non-secure. With the files in the catalog directory, you could usually have them in one or the other. The point of confusion may be that it is sometimes possible to set up the secure domain so that it uses the same file space as the non-secure domain. In that case, there is no duplication of files, since both use the same files. However, this can only be done if both are on the same server. Hth, Matt
pjones Posted July 25, 2003 Posted July 25, 2003 In my case, secure and non-secure directories are on the same server. Do you know how to set it up to use just one set of files?
Aqua121 Posted July 25, 2003 Posted July 25, 2003 Peter, are you on linux or windows? if linux, and have telnet access, please read Andrew's post on the previous page. cheers Cheers, Susan * * * * * Find a way, or make one!
ViolentForce Posted July 27, 2003 Posted July 27, 2003 Here are a few more questions I asked of Susan to get a better idea on how this works. Perhaps this will give others a better understanding about setting up a symlink. I asked some questions I thought others might ask about this. I'm just passing along what I am finding out for others to use. Hope this helps more. Sory for not posting this sooner as I had planned to. Susan's answers are in red ******************************************************* I will need to have a separate config file created for each domain on the server that I want to share the certificate? correct I should name the config file after the domain it is for, such as "mystoredomain.com :443" A little confused about that, perhaps you can explain more. That will be the actual file name? that could be the actual file name with the :433 at the end just make sure you'll know which file belong to which domain I then telnet to create this config file in the "/etc/httpd/conf/vhosts/ssl" folder. I'm supposing this is uploaded from telnet. Or do you use telnet to actually create it? yes, you actually create and name that file there Do I telnet to my main server domain account or to the domain I have the certificate on? I assume, you have to go to the root, that's what you should check with your host, since the path could be different The file would contain all this text for example: correct ----------------------------------------------- NameVirtualHost mystoredomain.com <virtualhost mystoredomain.com :443> ServerAdmin admin@mystoredomain.com DocumentRoot /home/admin/ssl/mystoreusername ServerName mystoredomain.com ServerAlias www.mystoredomain.com Group nobody ErrorLog logs/mystoredomain.com .error_log CustomLog logs/beadsourcela.com.access_log wusage SSLEnable SSLCACertificatePath /etc/httpd/conf/ssl.crt SSLCertificateFile /etc/httpd/conf/ssl.crt/myssldomain.com.cert SSLCertficateKeyFile /etc/httpd/conf/ssl.key/myssldomain.com.key SSLVerifyClient 0 SSLVerifyDepth 10 SSLFakeBasicAuth SSLCacheServerPort /home/httpd/ssl.socket SSLSessionCacheTimeout 300 </virtualhost> ----------------------------------------------- This text code will also make sure I have "SSLEnable" in the conf folder? Or do I have to do something different for that? that's all I have to do with mine... plz check with your host to make sure One more thing. When setting up my "configure.php" files, would they be like this: correct catalog/includes/configure.php define('HTTP_SERVER', 'http://mystoredomain.com'); define('HTTPS_SERVER', 'https://myssldomain.com'); define('ENABLE_SSL', true); Setting up the server to work like this, is it also possible to log into the admin securely with SSL? How should I setup the code in the admin configure.php to do this if it's possible? you know, I've never changed anything in the admin section, it should take care of that, too, since I always access the admin with https:// From Susans answer to this question, I will suppose the admin configure.php would be left as normal as in the following example. Example- catalog/admin/includes/configure.php define('HTTP_SERVER', 'http://mystoredomain.com'); define('HTTP_CATALOG_SERVER', 'http://mystoredomain.com'); define('HTTPS_CATALOG_SERVER', 'https://myssldomain.com'); define('ENABLE_SSL_CATALOG', true); // secure webserver for catalog module If this does not work for you though, try changing the HTTP_SERVER to your secure directory such as 'https://myssldomain.com' ***********************************************************
Recommended Posts
Archived
This topic is now archived and is closed to further replies.