Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Changing from non-secure to secure - HELP!


dpenguin

Recommended Posts

I get no padlock and a cert warning. Check your cookie paths.

 

Why run the entire site ssl?

 

I also get the shifting footer problem on lots of your pages.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

The cert warning is probably because we made our own instead of paying hundreds to Verisign or whoever to make us one. Did you try saying it was ok? If so, did you get the padlock then?

 

I noticed the shifting footer problem. How do I fix that?

 

Thank you very much for your time.

 

Also - we're running the whole site secure because it seemed easier that way than to try to break it out.

 

Dawn

Link to comment
Share on other sites

Never get the padlock. You can find certs for $50/year

 

Search for shifting footer or try this first http://www.oscommerce.com/forums/index.php?showtopic=82391&st=0&

 

Running the whole site secure slows it down and it's hardly any easier.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

Ok, well, do you get into the site? Can you put things in the shopping cart?

 

also - thank you for the link to the footer fix, we haven't noticed a slowdown, and we couldn't find certs for less than $200.

Link to comment
Share on other sites

For excellent value and security - single root 128 bit SSL - try going to www.freeSSL.com - they have a range of different SSL certificates. Certainly if you're anticipating what they call "LITE" commerce, you're going to be able to purchase a certificate for around US$40.

Link to comment
Share on other sites

Ok, well, do you get into the site? Can you put things in the shopping cart?

No, I can't add items to the cart. Never get a padlock.

 

You almost certainly have mistakes in your configure.php file.

 

It looks like you have a captive market. Why skimp on things that make the site look professional? You want people to trust the site, not get warnings.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

I found a couple things I'd missed in the configure.php (thanks for mentioning that!) and fixed them but it still isn't working. Are there any other files where I might need to add/change something, that you know of?

 

The certificate is valid, even if it isn't by verisign or someone like that - so I don't think that is an issue at the moment. I just need to know what I'm missing for the stuff not to go in the shopping cart.

 

Thanks again :)

Link to comment
Share on other sites

Re the certification - many people who shop online are quite specific about who they'll trust when it comes to credit card details. If you don't have a trusted name verifying that your site is secure, it may deter some customers. That's the major reason to go for a known SSL certificate, certified by a known name. In a way, it's like buying a shop with "goodwill", rather than buying premises and building up your customer base from scratch.

 

Of course, it's your decision...

 

Good luck with the "add to cart" problem.

Link to comment
Share on other sites

That may be an issue with another one, but this one is mainly internal. The only people who are ordering here are employees of the LWC. They were already ordering before we switched to secure, so it obviously doesn't bother them.

 

The add to cart problem is the main thing and I really need to find out how to fix it!

 

Any help is tremendously appreciated.

Link to comment
Share on other sites

I got the lock but after a warning appeared. You are about to view a site that is secure but you don't trust the issuer of the certificate. Do you want to proceed" or something like that. I would loose the languages and currency boxes on the right banner. If there are no choices then they aren't really relevent.

Link to comment
Share on other sites

<?php

/*

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2003 osCommerce

 

Released under the GNU General Public License

*/

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.turnkeyconcepts.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.turnkeyconcepts.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.turnkeyconcepts.com');

define('HTTPS_COOKIE_DOMAIN', 'www.turnkeyconcepts.com');

define('HTTP_COOKIE_PATH', '/osc/catalog/');

define('HTTPS_COOKIE_PATH', '/osc/catalog/');

define('DIR_WS_HTTP_CATALOG', '/osc/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/osc/catalog/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '/home/turnkey/public_html/osc/catalog/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

// define our database connection

define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers

define('DB_SERVER_USERNAME', '***');

define('DB_SERVER_PASSWORD', '***');

define('DB_DATABASE', 'turnkey');

define('USE_PCONNECT', 'true'); // use persistent connections?

define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

?>

Link to comment
Share on other sites

Got it licked! B)

 

Only the shopping cart is secure. The rest of the site is not.

 

We turned on the secure on the server, and the program set to secure also, somehow was "double securing" it and screwing it up.

 

Anyone know how to get around that?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...