Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SSL checkout problems


smalltoycar

Recommended Posts

Hello,

 

I've just installed osCommerce (with SSL option selected) on my nonSSLdomain without any problems (the Shop is installed on a seperate DNS to my SSL).

 

However, when I tried to checkout an item, the checkout_shipping.php couldn't be found on my SSLdomain. So, realizing that the osCommerce installation worked only on my nonSSLdomain, I created a directory manually on my SSLdomain and placed the checkout_shipping.php file and all other files inside it (to be sure I had all files).

 

This worked, but now I am asked to enable register_globals in php.ini (is this normal? If my SSLdomain DNS provider enable this, will I continue to get other problems as a result of using a seperate SSL DNS, and if not, then what can I do?)

 

Is there anywhere that I can find documentation on setting up osCommerce to use a SSL that resides on a seperate domain?

 

Hope someone can help. Thanks.

Link to comment
Share on other sites

I've been looking around the forum some more, and am I right in thinking that:

 

1. A single SSL cannot be used for multiple domains?

2. That even if it could, I'd have to upload all files to the SSL server AS WELL AS to the nonSSLserver in which the main shop resides?

3. I'd be better off paying for a new SSL DNS to create my osCommerce Shop, rather than creating a Shop front on a nonSSL DNS and linking it to a SSL DNS?

 

Is anyone successfully using a single SSL DNS to SSL enable multiple domains (websites)?

Link to comment
Share on other sites

1. You can only use one SSL domain per certificate. You can put any number of shops on that domain (www.domain.com/site1, www.domain.com/site2, etc.), and they may have their own non-SSL domains as well. This is generally called shared SSL.

 

2. If they are separate servers, yes, that is true. Although, there are some files that are SSL only and some files that are not SSL. You could split those across servers if you wanted. Not much gain though, as more files are shared than are separate. I would put the admin area only on the SSL side. YMMV.

 

3. Possibly. I think that it looks more professional anyway. You can find SSL certificates for $50 on the web. Your host may or may not charge to install the certificate.

 

Hth,

Matt

Always back up before making changes.

Link to comment
Share on other sites

Thanks for the reply Matt.

 

Out of curiosity, why does osCommerce offer SSL as an optional feature? Surely if someone opened an online shop without SSL, and somebody hacked their site, they wouldn't be entitled by their bank to recieve any compensation for any potential losses due to a lack of secure online processing!?

Link to comment
Share on other sites

Those who develop on a local machine and upload the completed product have good reason to install without SSL. Also, some people leave SSL off if customers go to another site to process payment, e.g. PayPal. Or they may only accept COD orders, etc.

 

I would agree that a live site should have SSL, but I still find myself installing test sites, etc. without SSL. Also, sometimes people install the site before buying the SSL certificate.

 

Hth,

Matt

Always back up before making changes.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...