Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

('ENABLE_SSL', true)


Rodland

Recommended Posts

Posted

I just asked my hosting company to do it for me.

 

I don't know how it is done via a command line, but I noticed from the server that the httpsdocs directory has become some kind of alias.

 

CMR

 

p.s. anyone here know anything about GPG ?

Posted

I am guessing that they setup a symlink from the secure folder to your standard folder.

 

If you would not mind, ask your host's support department what they did so we can all learn.

"Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein

Posted

Susan was the one who suggested this above. Hey Susan, you there? How do you do this?

 

CMR

Posted

I have communicated with Susan by email and this is what she sent me on how to do this.

You must have root access to do this by telnet or it's better to just ask your host to do it for you.

 

This will only work if your secure directory is on the same server as your domain that OSC is installed on.

If the secure directory is on another server, you must have a copy of all your files there too.

 

I hope this helps explain it a little better for everyone.

 

Ok, this is my situation:

 

I've purchased an SSL certificate and installed it on my server under my domain.

Then I have to telnet and create a config file to each other domains (vhosts) that reside on this server, so they can share my certificate and without having them copy the same exact files to a "secure directory".

You can do it yourself if you have root access. If you don't, your hosting provider could make the configuration for you.

here's the instruction using telnet:

 

Make sure you name the config file yourdomain.com :443  

in the "/etc/httpd/conf/vhosts/ssl" folder,  

so you may know the difference between each config file.  

Also in the conf folder you must make sure you have "SSLEnable" in there so it would look something like this:  

 

NameVirtualHost yourdomain.com  

<virtualhost yourdomain.com:443>  

ServerAdmin [email protected]

DocumentRoot /home/admin/ssl/username  

ServerName yourdomain.com  

ServerAlias www.yourdomain.com

Group nobody  

ErrorLog logs/yourdomain.com.error_log

CustomLog logs/beadsourcela.com.access_log wusage

SSLEnable

SSLCACertificatePath /etc/httpd/conf/ssl.crt  

SSLCertificateFile /etc/httpd/conf/ssl.crt/main.com.cert  

SSLCertficateKeyFile /etc/httpd/conf/ssl.key/main.com.key  

SSLVerifyClient 0

SSLVerifyDepth 10

SSLFakeBasicAuth

SSLCacheServerPort /home/httpd/ssl.socket

SSLSessionCacheTimeout 300

</virtualhost>

 

make sure you change  

yourdomain.com to the vhost  or actual domain name in each line, also  

username to the username of that domain

main.com to the domain name that owns the certificate

 

don't forget that this is an exapmle, the path may be different according to your server setup. you must check with your hosting provider.

 

I hope this will help.  

Do not make any changes unless you checked with your host and it's probably better if they do it.

Posted

Thanks for posting that information! :)

"Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein

Posted

THANX Andrew for your posting! :wink:

 

 

hey Jim,

would you mind checking this post?

it's still bothering me... :dontgetit:

Cheers,

Susan

 

* * * * *

Find a way, or make one!

Posted

I think I may have my server set up correctly, and I can see the pages when I am using the https addresses, but ALL of the images are not showing on the SSL pages.

 

It's looking for the page at the right address, but it's looking for the images at the http address, just with an https.

 

example:

https://secure.server.com/~username/shop/ca...log/default.php - is showing all of the text, but

https://my.domain.com/shop/catalog/image1.jpg - it says secure connection failed.

 

In the config.php I have the https server set to https://secure.server.com/~username/subdirectory/

 

any ideas? I have that subdirectory because I am hosting another domain on my address.

 

Thanks for any clues. My host doesn't have a whole lot of info on configuring SSL.

 

M@

Posted
I think I may have my server set up correctly

:D that's always a good start!

 

and I can see the pages when I am using the https addresses, but ALL of the images are not showing on the SSL pages.

it looks like you have to have all files - including images - duplicated also in the secure directory

 

https://secure.server.com/~username/shop/catalog/default.php - is showing all of the text, but

https://my.domain.com/shop/catalog/image1.jpg - it says secure connection failed.

 

In the config.php I have the https server set to https://secure.server.com/~username/subdirectory/

exactly!

that's your secure directory.

my.domain.com is not secured, so use http:// in front of it :wink:

 

good luck!

 

cheers

Cheers,

Susan

 

* * * * *

Find a way, or make one!

  • 2 weeks later...
Posted

We seem to have come full circle here. Susan's last post implies we do need to duplicate files in the secure directory. Does anyone have a definitive answer on this?

Posted

Unfortunately, the definitive answer is that it depends on your setup.

 

Most of the includes tree needs to be available to both secure and non-secure. With the files in the catalog directory, you could usually have them in one or the other.

 

The point of confusion may be that it is sometimes possible to set up the secure domain so that it uses the same file space as the non-secure domain. In that case, there is no duplication of files, since both use the same files. However, this can only be done if both are on the same server.

 

Hth,

Matt

Posted

In my case, secure and non-secure directories are on the same server. Do you know how to set it up to use just one set of files?

Posted

Peter,

 

are you on linux or windows?

if linux, and have telnet access, please read Andrew's post on the previous page.

 

cheers

Cheers,

Susan

 

* * * * *

Find a way, or make one!

Posted

Here are a few more questions I asked of Susan to get a better idea on how this works. Perhaps this will give others a better understanding about setting up a symlink. I asked some questions I thought others might ask about this.

 

I'm just passing along what I am finding out for others to use. Hope this helps more.

Sory for not posting this sooner as I had planned to.

 

 

Susan's answers are in red

*******************************************************

I will need to have a separate config file created for each domain on the server that I want to share the certificate? correct

 

I should name the config file after the domain it is for, such as "mystoredomain.com :443"

A little confused about that, perhaps you can explain more. That will be the actual file name?

that could be the actual file name with the :433 at the end just make sure you'll know which file belong to which domain

 

I then telnet to create this config file in the "/etc/httpd/conf/vhosts/ssl" folder.

I'm supposing this is uploaded from telnet. Or do you use telnet to actually create it? yes, you actually create and name that file there

 

Do I telnet to my main server domain account or to the domain I have the certificate on? I assume, you have to go to the root, that's what you should check with your host, since the path could be different

 

The file would contain all this text for example: correct

-----------------------------------------------

NameVirtualHost mystoredomain.com

<virtualhost mystoredomain.com :443>

ServerAdmin admin@mystoredomain.com

DocumentRoot /home/admin/ssl/mystoreusername

ServerName mystoredomain.com

ServerAlias www.mystoredomain.com

Group nobody

ErrorLog logs/mystoredomain.com .error_log

CustomLog logs/beadsourcela.com.access_log wusage

SSLEnable

SSLCACertificatePath /etc/httpd/conf/ssl.crt

SSLCertificateFile /etc/httpd/conf/ssl.crt/myssldomain.com.cert

SSLCertficateKeyFile /etc/httpd/conf/ssl.key/myssldomain.com.key

SSLVerifyClient 0

SSLVerifyDepth 10

SSLFakeBasicAuth

SSLCacheServerPort /home/httpd/ssl.socket

SSLSessionCacheTimeout 300

</virtualhost>

-----------------------------------------------

 

This text code will also make sure I have "SSLEnable" in the conf folder?

Or do I have to do something different for that? that's all I have to do with mine... plz check with your host to make sure

 

 

One more thing. When setting up my "configure.php" files, would they be like this: correct

catalog/includes/configure.php

define('HTTP_SERVER', 'http://mystoredomain.com');

define('HTTPS_SERVER', 'https://myssldomain.com');

define('ENABLE_SSL', true);

 

Setting up the server to work like this, is it also possible to log into the admin securely with SSL?

How should I setup the code in the admin configure.php to do this if it's possible? you know, I've never changed anything in the admin section, it should take care of that, too, since I always access the admin with https://

 

From Susans answer to this question, I will suppose the admin configure.php would be left as normal as in the following example.

 

Example-

catalog/admin/includes/configure.php

define('HTTP_SERVER', 'http://mystoredomain.com');

define('HTTP_CATALOG_SERVER', 'http://mystoredomain.com');

define('HTTPS_CATALOG_SERVER', 'https://myssldomain.com');

define('ENABLE_SSL_CATALOG', true); // secure webserver for catalog module

 

If this does not work for you though, try changing the HTTP_SERVER to your secure directory such as 'https://myssldomain.com'

 

 

***********************************************************

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...