Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Moving from Non-SSL to SSL ?


antiz

Recommended Posts

Hello and happy new year to everybody,

 

I have setup a test version of my online shop on a non-ssl server.

 

Now that my tests are okay I would lik my shop to go live so I would like to know what do I need to move to an ssl system in terms of hosting and oscommerce configuration ?

 

Thnaks in advance for your help

Link to comment
Share on other sites

Hi Alexis,

 

minutes ago i posted a topic of nearly the same kind.

 

the thing i know is, there are two options for ssl:

 

- a certificate for around 200 bucks a year for a specific domain

(i. e. [https://www.ssl-domain.tld/])

 

- a proxy with one certificate owned by your ISP and a connection (account) to your domain or server. costs from only 1 buck per month up to more - according to your ISP

(i. e. [https://ssl-proxy.tld/nonssl-domain.tld/])

 

what i don't know is: how to configure the running osCommerce to switch from Non-SSL to SSL

(my topic: http://www.oscommerce.com/forums/index.php?sho...ndpost&p=285107 )

 

cheers

 

andi

Link to comment
Share on other sites

Your hosting usually comes with ssl or an option to add ssl. You do not have to worry when to switch it...osc does this by itself.

 

If you have ssl on your hosting already just open catalog/includes/configure.php.

 

Set ENABLE_SSL to true and set the https paths for your ssl server. You dont need special folders or anything like some post on here claim. Your done...when an account or checkout or something is called while a surfer is using your site..osc will take them in and out of ssl mode.

 

Also make sure header and footer have the proper image paths so you dont get the secure/unsecure error. See the wiki docs if you have this problem.

The Wiki Docs: Read them, live them and be thankful for them!

Link to comment
Share on other sites

hi,

 

thats not what i expected. why in configure.php there is an HTTPS-Domain, when the HTTP-Domain is set to an https address?

 

ok, the admin *is* secure. but it still says "You are not protected by a secure SSL connection.". The browser shows the closed lock for ssl.

 

i've tryed the catalog before. it works. but the admin page still refers to the HTTP domain in every link. where to switch is. any hidden link i. e. "connect over ssl" in the menu?

 

any hints? please!

 

andi

Link to comment
Share on other sites

I think the problem is related to code in the html_output.php files:

 

...

// The HTML href link wrapper function

function tep_href_link($page = '', $parameters = '', $connection = 'NONSSL', $

add_session_id = true, $search_engine_safe = true) {

global $request_type, $session_started, $SID;

...

 

It looks like it is being hard-coded to NONSSL.

 

This is the code that generates the links you see in html output.

Link to comment
Share on other sites

in the admin/includes/configure.php did you try to change that to https instead of http and then logon to the site to see what happened? you will never know until you try. i use this, Matti is the one who showed me that trick. but if you wish to think over things instead of trying, be my guest

Link to comment
Share on other sites

Hello and happy new year to everybody,

 

I have setup a test version of my online shop on a non-ssl server.

 

Now that my tests are okay I would lik my shop to go live so I would like to know what do I need to move to an ssl system in terms of hosting and oscommerce configuration ?

 

Thnaks in advance for your help

Hi, If you click on this link it will take you to a posting where I show you the code you need in includes/configure.php to point to ssl or shared sll for oscommerce. Hope this helps - Vger

Forum Posting - SSL

Link to comment
Share on other sites

Hi John,

How do you logout of the admin? Whenever I access /admin it always takes me in without a login. Is there a logout?

No, but if you close your browser window you should be completely logged out, as the session has been terminated. If you are being allowed access to admin without a login you need to rectify it immediately by setting up a password protected directory for that folder. Vger

Link to comment
Share on other sites

Vger,

This does not work. I closed out all browsers. I setup configure.php as per all of these posts about how to set it up. I accessed http://www.mydomain.com/store/admin (/store is where oscommerce is installed) and I login to the admin. I click on Catalog and it does not put up the padlock. Any other ideas?

My post related to how to operate the site in general on an ssl or shared ssl connection. This will not put 'admin' under ssl. The best thing to do with 'admin' is to make it a 'password protected directory' and then you'll be asked to Login each time you go to it - same for anyone else trying to access it. Then, when you exit it and close the browser window your session is finished and you would need to Login again to access it the next time you visit. Vger

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...