Problems with SSL (help!!)

[rsank]

Hello,

 

I have a site under yahoo web hosting. There is automatic SSL support with Yahoo. All we need to do is create a directory called 'ssl' and all pages under that directory have SSL enabled using Yahoo's certificate. This worked fine for a php email order form that I had before I installed osCommerce.

After installing osCommerce, I copied the catalog from the root directory to the ssl directory. Changed the settings in configure.php and the pages seem to come up fine but I have the following problems:

1. There is no SSL (lock) icon in the status box of the browser window in the login page even though I can see it is being served by the yahoo ssl server (the url changes from www.myshop.com).

2. I am unable to log in. I enter the correct user name and pwd but it never logs me in. Always shows a pwd or userid error.

 

As far as I can see, the database is accessible because the login page does show the 'specials' and 'new items' info boxes.

 

Any help here is appreciated. I haven't gone into the code yet. Thought I would post first and see if anyone else has had similar experience. Attached is my configure.php

 

<?php
/*
 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

 Copyright (c) 2003 osCommerce

 Released under the GNU General Public License
*/

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
 define('HTTP_SERVER', 'http://www.myshop.com'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'http://www.myshop.com'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', true); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'http://www.myshop.com');
 define('HTTPS_COOKIE_DOMAIN', 'http://www.myshop.com');
 define('HTTP_COOKIE_PATH', '/');
 define('HTTPS_COOKIE_PATH', '/ssl/');
 define('DIR_WS_HTTP_CATALOG', '/');
 define('DIR_WS_HTTPS_CATALOG', '/ssl/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
 define('DIR_FS_CATALOG', '/');
 define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
 define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

// define our database connection
 define('DB_SERVER', 'mysql'); // eg, localhost - should not be empty for productive servers
 define('DB_SERVER_USERNAME', 'myuser');
 define('DB_SERVER_PASSWORD', 'mypwd');
 define('DB_DATABASE', 'myshop');
 define('USE_PCONNECT', 'true'); // use persistent connections?
 define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'
?>

[ejd32]

Hi there,

 

I am a complete newby searching for some similar http answers, but shouldnt URL in the line 'HTTPS_SERVER' in your config file read https? i.e.

 

define('HTTPS_SERVER', 'https://www.myshop.com');