Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Setting SSL after the shop has ben setup


Genius

Recommended Posts

Could Someone please assist me with the SSL Configuration setting.

 

I have already installed and created my site without the SSL option,

 

But now i would like to setup and use SSL , I would like to know the procedure and the files i need to ammend.. This is what i think i need to do but not too sure.

 

1. I need to get my Hosting company to make my Catalog folder SSL.

 

2. In my Admin/Include/Configure.php file i need to define my https shop name

DO just put the domain OR do i specify the full path as below. And i need to define my ('enable_ssl_catalog' .... to true

  define('HTTPS_CATALOG_SERVER', 'https://www.shopname.com/shop/catalog');
 define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

 

3. In my Catalog/Include/configure.php i need to do the same things as below

  define('HTTPS_SERVER', 'https://www.shopname.com/shop/catalog'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', true); // secure webserver for checkout procedure?

 

That's as far as i know If i have missed anything else or i need to ammend anything else please could you advise me many thanks

Link to comment
Share on other sites

No - those settings will not work. Use the https server path your webhost gives you. There are other settings if you care to look at your configure.php files - I shall post the catalog/includes/configure.php defines below - the admin side are similar:

 

  define('HTTP_SERVER', 'http://www.shopname.com'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'https://your_secure_server_path'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', true); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'shopname.com');
 define('HTTPS_COOKIE_DOMAIN', 'your_secure_server_domain');
 define('HTTP_COOKIE_PATH', '/shop/catalog/');
 define('HTTPS_COOKIE_PATH', '/shop/catalog');
 define('DIR_WS_HTTP_CATALOG', '/shop/catalog/');
 define('DIR_WS_HTTPS_CATALOG', '/shop/catalog');

 

The above are the most likely correct settings for you.

 

Matti

Link to comment
Share on other sites

Mine is similar. I do have SSL working properly when a checkout occurs. What I want to do is move the admin from http://www.mydomain.com/catalog/admin to https://store.mydomain.com/catalog/admin (store.mydomain.com is a CName, so different site altogether)

 

i do not understand this section very well, in fact still trying to figure out really how it does go to https://store.mydomain.com/catalog for checking out.

 

here are my different configure.php's, with catalog/includes/configure.php first, catalog/admin/includes/configure.php second.

 

<?php
/*
?osCommerce, Open Source E-Commerce Solutions
?http://www.oscommerce.com

?Copyright (c) 2003 osCommerce

?Released under the GNU General Public License
*/

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
?define('HTTP_SERVER', 'http://mydomain.com'); // eg, http://localhost - should not be empty for productive servers
?define('HTTPS_SERVER', 'https://mydomain.com'); // eg, https://localhost - should not be empty for productive servers
?define('ENABLE_SSL', true); // secure webserver for checkout procedure?
?define('HTTP_COOKIE_DOMAIN', 'mydomain.com');
?define('HTTPS_COOKIE_DOMAIN', 'mydomain.com');
?define('HTTP_COOKIE_PATH', '/catalog/');
?define('HTTPS_COOKIE_PATH', '/catalog/');
?define('DIR_WS_HTTP_CATALOG', '/catalog/');
?define('DIR_WS_HTTPS_CATALOG', '/catalog/');
?define('DIR_WS_IMAGES', 'images/');
?define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
?define('DIR_WS_INCLUDES', 'includes/');
?define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
?define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
?define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
?define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
?define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

?define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
?define('DIR_FS_CATALOG', '/home/recovery/www/mydomain.com/catalog/');
?define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
?define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

// define our database connection
?define('DB_SERVER', 'ip address'); // eg, localhost - should not be empty for productive servers
?define('DB_SERVER_USERNAME', 'username');
?define('DB_SERVER_PASSWORD', 'password');
?define('DB_DATABASE', 'database');
?define('USE_PCONNECT', 'false'); // use persistent connections?
?define('STORE_SESSIONS', ''); // leave empty '' for default handler or set to 'mysql'

 

admin/includes/configure.php

 

<?php
/*
 osCommerce, Open Source E-Commerce Solutions
 [URL=http://www.oscommerce.com]http://www.oscommerce.com[/URL]

 Copyright ? 2003 osCommerce

 Released under the GNU General Public License
*/

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
 define('HTTP_SERVER', 'http://mydomain.com'); // eg, [URL=http://localhost]http://localhost[/URL] - should not be empty for productive servers
 define('HTTP_CATALOG_SERVER', 'http://mydomain.com');
 define('HTTPS_CATALOG_SERVER', 'https://store.mydomain.com');
 define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module
 define('DIR_FS_DOCUMENT_ROOT', '/home/recovery/www/mydomain.com/catalog/'); // where the pages are located on the server
 define('DIR_WS_ADMIN', '/catalog/admin/'); // absolute path required
 define('DIR_FS_ADMIN', '/home/recovery/www/mydomain.com/catalog/admin/'); // absolute pate required
 define('DIR_WS_CATALOG', '/catalog/'); // absolute path required
 define('DIR_FS_CATALOG', '/home/recovery/www/mydomain.com/catalog/'); // absolute path required
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
 define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');
 define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');
 define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');
 define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');
 define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

// define our database connection
 define('DB_SERVER', 'ipaddress'); // eg, localhost - should not be empty for productive servers
 define('DB_SERVER_USERNAME', 'username');
 define('DB_SERVER_PASSWORD', 'password');
 define('DB_DATABASE', 'database');
 define('USE_PCONNECT', 'true'); // use persisstent connections?
 define('STORE_SESSIONS', ''); // leave empty '' for default handler or set to 'mysql'
?>

Link to comment
Share on other sites

I tried to set the SSL up but all i get is a windows The Page Cannot Be Displayed message. I don't have a clue how to fix it but I am trying to take each config file and look it over to see what I can find :angry:

In A World Without Walls Who Needs Windows

Link to comment
Share on other sites

HI Matti,

 

Thank you for your prompt reply...

 

You said i need to use the https server path my host company gives me...

 

Well i have spoken to them and they said i need setup the https folder myself... they have given me instructions to set and activate the folder i want to be https..

 

My folder structure is www.shopname.com and inside that i have my Folder SHOP in side that is folder CATALOG where my Oscommerce is currently installed..

 

So am i correct in saying i need set and activate the CATALOG folder to be the SSL folder.. and all the files in this foder would not be affected until i make the changes in both the configure.php file..

Link to comment
Share on other sites

When you setup the store thru install, you are asked if you wish to enable ssl. if you followed the prompts at that time, then the files necessary will transfer to the right folders.

Link to comment
Share on other sites

Hi Matti,

 

I have set the files as defined ealier int he post , then when i got to my my site's hompage i received this message on top

Warning: I am able to write to the configuration file: /store/catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file.

 

I have checked my configure.php file permissions and they were set tp Chmod 644

 

then i changed it to 444 and the message goes but i know that is wrong ,, could someone please assist me..

 

Another question:

 

i have 2 domains - domain1 and domain2

 

currently my whole site works on domain1, but i need it to be domain2..

 

So do i just change all my setting in my configure file to read domain2.. instead of domain1.

Link to comment
Share on other sites

My host web.com says that SSL is extra and I dont want to pay their fee should I switch hosts or is there a way i can still get SSL some other way? My shop is setup and i tested it I just need the secured shopping area for checkout purposes. :blink:

In A World Without Walls Who Needs Windows

Link to comment
Share on other sites

Your Web host hopefully offers the SSL and you just have to get the info from them so you can set up your osc. Mine charges $195 extra for SSL and I dont want to pay that when I can get SSL for as low as $35 bucks. But I have to find out if I go elsewhere to get the SSL will i be able to use it with the site otherwise i have to transfer to another web host.

In A World Without Walls Who Needs Windows

Link to comment
Share on other sites

I have set up the SSL setting once again and i am getting the OScommerce error on top stating that it is able to write to the configure.php file.

 

and also when i got to a secure page it asks me if i want to view NON-secure items.. when i click YES i will see all my images but no padlock on the task bar, but if i click NO then i will not see any images and i see the padlock...

 

any assistance is great..

Link to comment
Share on other sites

you need to change the properties of the configure.php file, chmod 644 works.

for the non-secure items with secure items, means you have some items listed in the site with an http: instead of an https: (files not located on the secure server)

Link to comment
Share on other sites

I have checked the configure file to be Chmos 644 and the catalog/incudes chmod to be 755. And still no joy. yet the admin side seems to behave fine.

 

As for the http i have found a few images that point to the http. i have changed that to https and the secure path name, buit this still does not explain why the other images do no come up...

I do have my images in my catalog/ images directory.. yet my secure site is just https://securename.com/storename.com

:(

Link to comment
Share on other sites

I seem to get some images but not all, looking at my pages i realised that i most of my layout and images are in my stylesheet, and that is not coming out correctly..

Is there a configuration that i need to set to allow my stylesheet.css to show the correct layout.

Link to comment
Share on other sites

Your Web host hopefully offers the SSL and you just have to get the info from them so you can set up your osc. Mine charges $195 extra for SSL and I dont want to pay that when I can get SSL for as low as $35 bucks. But I have to find out if I go elsewhere to get the SSL will i be able to use it with the site otherwise i have to transfer to another web host.

The only problem is, I'm hosting myself, so if I ask myself, I'm out of luck, that why I'm asking. :huh:

Best Regards

Link to comment
Share on other sites

are you putting the store up for play or will you sell items off of it. also, is this going thru cable or dsl at home? would recommend if you are going to sell, go thru a host who has shared ssl for no additional price.

Link to comment
Share on other sites

are you putting the store up for play or will you sell items off of it.  also, is this going thru cable or dsl at home?  would recommend if you are going to sell, go thru a host who has shared ssl for no additional price.

No not for play, but I'm only selling a couple of items, but I want to figure this out.

 

With all the searching I have done on this subject, it looks like there's alot of money just selling ssl certificates.

Best Regards

Link to comment
Share on other sites

there is, however limited as to who sells them, 128 bit encryption, etc, has to meet lots of standards. you can find them as low as about 125 or so per year, depending upon your site size, may be worthwhile to pay a hosting company which has shared certificates available the $10 to $20 per month, as long as you have a small site (ie not much web space used).

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...