Guest Posted February 26, 2004 Share Posted February 26, 2004 I'm looking for instructions on how to CORRECTLY setup SSL for the store. I have done it before by just securing the entire catalog folder but would rather not. Specifically, what folder do I need to secure in my cert request (I have to define a secure URL directory)? It has been surprising difficult to find any documentation on this topic. There are a lot of posts on SSL problems so I'm looking to do this properly from the start. Also., if I need to sync another folder with my SSL directory what would that be? Link to comment Share on other sites More sharing options...
charlieworks Posted February 26, 2004 Share Posted February 26, 2004 Since you have a little experience with SSL it sounds like maybe you can help me with my problem. Im trying to get the SSL configuration off of oscommerce. I accidentily put it on there not know what SSL was. Link to comment Share on other sites More sharing options...
boosy90 Posted February 26, 2004 Share Posted February 26, 2004 Is this your own server or are you having someone else host your site? Link to comment Share on other sites More sharing options...
Guest Posted February 26, 2004 Share Posted February 26, 2004 It is my own server. Link to comment Share on other sites More sharing options...
homepageonline Posted February 26, 2004 Share Posted February 26, 2004 yes, being a new user I have been looking for the files that need to be edited in order to use SSL certificate. The certificate (in my case) has already been installed now where do you edit the files to tell it to go https?? Other than the path there should be no difference if it's a server wide or domain ssl correct? Thank you for your time! Conrad Thank you for your time!! Conrad Link to comment Share on other sites More sharing options...
boosy90 Posted February 26, 2004 Share Posted February 26, 2004 I'm new so I hope I'm giving bad info :-( I have a test site using ssl and it works...so I just did the "out of the box" install and checked off the ssl enable. Now I was looking around for some informatiom and in the /catalog/includes/configure.php This is where the ssl server is declaried... define('HTTPS_SERVER', 'https://xx.xx.xx.xx'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? So for the other question, maybe just change the true to false. On my server I have one ssl cert for www.mydomain.com in my http.conf file I list that as my gobal ssl server cert. (because I only have one site on it). Now if I have another site ie www.mydomain2.com I would have to create virtual ssl hosts (kinda like regular virtual hosts excpt they cannot be name based) So the way I understand it (remember I'm new) if I wanted to have 2 ssl sites on one server I would have to have 2 ips 1 for each. One thing to remember is www.mydomain.com and mydomain.com and test.mydomain.com would all require different ssl certs unless you purchase a wild card ssl cert. I have no idea if this helped you or not, just trying to help and give back while I'm learning. So if anyone reads this and I'm not correct on something please let me know. I can take it....lol D. That conatins the ssl information Link to comment Share on other sites More sharing options...
homepageonline Posted February 27, 2004 Share Posted February 27, 2004 does this mean I add the https://path.com to the configure.php file? I have set it to true already but nothing seems to happen. Thank you !! Thank you for your time!! Conrad Link to comment Share on other sites More sharing options...
Guest Posted February 27, 2004 Share Posted February 27, 2004 You guys are missing the point of my original question a little. Yes Doug, you can SSL the entire site but the question remains, what URL are you using for the SSL certificate request? If you have a server wide (shared) SSL then what domain are you using when you request? YOU HAVE TO PUT A URL PATH INTO THE SSL CERT REQUEST. IF YOU USE THE PATH TO YOUR "CATALOG" DIRECTORY THEN THE ENTIRE SITE WILL BE SECURE. I'M LOOKING FOR A WAY AROUND THAT. Clear as mud? Link to comment Share on other sites More sharing options...
skullkeepers Posted March 3, 2004 Share Posted March 3, 2004 How do I make entire folders SSL secure? Thanks Mark Link to comment Share on other sites More sharing options...
threeG Posted March 4, 2004 Share Posted March 4, 2004 Hi Mark, You can set the following in catalog/includes/configure.php define('HTTP_SERVER', 'https://www.yourdomain.com'); Instead of setting to the regular http set it to https. I should tell you that I am presently having a problem with this setting. It appears to cause problems with the Contact Us form and various account pages. Try the setting and let me know if it cause you any problems like those I have decribed. Regards, John "There is nothing like a little successful tinkering to bring out the looney mad scientist in all of us. Brohoohoohoooohaahaahaaahahaaaaaaaaaa!" Link to comment Share on other sites More sharing options...
threeG Posted March 4, 2004 Share Posted March 4, 2004 The problems I was having and am having appear to be related to the way in which the SSL certificate has been set up for my site. My host service provides for a shared SSL - when I use that no problems. When I use the dedicated one I purchased through them - no luck, it craps out. I would still be interested to hear how the setting works for you and if you are using shared SSL or dedicated. Regards, John "There is nothing like a little successful tinkering to bring out the looney mad scientist in all of us. Brohoohoohoooohaahaahaaahahaaaaaaaaaa!" Link to comment Share on other sites More sharing options...
Guest Posted April 29, 2004 Share Posted April 29, 2004 The problems I was having and am having appear to be related to the way in which the SSL certificate has been set up for my site. My host service provides for a shared SSL - when I use that no problems. When I use the dedicated one I purchased through them - no luck, it craps out. I would still be interested to hear how the setting works for you and if you are using shared SSL or dedicated. Please define what results you are getting to make it "crap out." Link to comment Share on other sites More sharing options...
horror_guy Posted April 29, 2004 Share Posted April 29, 2004 I have been trying to do this also, but am running into snags. I am using a shared connection and have enabled the SSL Security on my hosting control panel. A /secure and /secure cgi-bin folder was created on my server after I did it. This is the address of my secure site: https://www.securewebexchange.com/horrormonsters.com I have changed the paths in both the admin and catalog config files to the above address also, but am getting the page not found error. What I am wondering is how I can access my catalog and make my entire catalog secure using this setup? and do I have to move all of the oscommerce files into the /secure directory? Cheers, Mark Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.