Guest Posted May 29, 2004 Share Posted May 29, 2004 Yesterday I installed an SSL cert on my site and changed the configure.php file to: define('HTTP_SERVER', 'http://acehighsupply.com'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://acehighsupply.com'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'acehighsupply.com'); define('HTTPS_COOKIE_DOMAIN', 'acehighsupply.com'); However, OsC does not direct to a secure page at any point during checkout (or login, or anything else). The SSL cert works just fine - you can just add the "s" to http on any page and it works. Is there something I am missing? Why is OsC not directing to https pages? Obviously (from above), the site is http://acehighsupply.com Thanks for the help!! Link to comment Share on other sites More sharing options...
Guest Posted May 29, 2004 Share Posted May 29, 2004 i would double check the configure.php file, as when i go to the secure site, there is no problem. when i go to where it should switch to secure, it does not, therefore i think your acehighsupply.com/includes/configure.php file is incorrect. Link to comment Share on other sites More sharing options...
Guest Posted May 29, 2004 Share Posted May 29, 2004 Thanks for the reply Mibble. Below is my full configure.php file directly from the server (this is not from my computer, I made sure to get the file that is off the server). Do you see anything wrong with it? <?php /* $Id: configure.php,v 1.14 2003/07/09 01:15:48 hpdl Exp $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright © 2003 osCommerce Released under the GNU General Public License */ // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://acehighsupply.com'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://acehighsupply.com'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'acehighsupply.com'); define('HTTPS_COOKIE_DOMAIN', 'acehighsupply.com'); define('HTTP_COOKIE_PATH', ''); define('HTTPS_COOKIE_PATH', ''); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/'); define('DIR_FS_CATALOG', dirname($HTTP_SERVER_VARS['SCRIPT_FILENAME'])); define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); // define our database connection define('DB_SERVER', ''); // eg, localhost - should not be empty for productive servers define('DB_SERVER_USERNAME', ''); define('DB_SERVER_PASSWORD', ''); define('DB_DATABASE', 'osCommerce'); define('USE_PCONNECT', 'false'); // use persistent connections? define('STORE_SESSIONS', ''); // leave empty '' for default handler or set to 'mysql' ?> Link to comment Share on other sites More sharing options...
msstatebdfan Posted May 29, 2004 Share Posted May 29, 2004 Not for sure if this will get it, but you might want to try changing: define('DIR_FS_CATALOG', dirname('/home/TYPE_ACCOUNT_USERNAME_HERE/public_html/'); Of course, your path may be a little different... Link to comment Share on other sites More sharing options...
Guest Posted May 29, 2004 Share Posted May 29, 2004 Thanks for the tip . . . I tried it, but it didn't seem to affect anything. Checkout is still not using https. Hmmm . . . this thing has me beating my head against the wall! There should be no reason why it shouldn't work, right? Anyone else see anything that needs to be done? Link to comment Share on other sites More sharing options...
msstatebdfan Posted May 29, 2004 Share Posted May 29, 2004 Can you post your acehighsupply.com/admin/includes/configure.php file as well? Link to comment Share on other sites More sharing options...
Guest Posted May 29, 2004 Share Posted May 29, 2004 Here is acehighsupply.com/admin/includes/configure.php: <?php /* osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright © 2002 osCommerce Released under the GNU General Public License */ // define our webserver variables // FS = Filesystem (physical) // WS = Webserver (virtual) define('HTTP_SERVER', ''); // eg, http://localhost or - https://localhost should not be NULL for productive servers define('HTTP_CATALOG_SERVER', ''); define('HTTPS_CATALOG_SERVER', ''); define('ENABLE_SSL_CATALOG', 'false'); // secure webserver for catalog module define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT); // where your pages are located on the server. if $DOCUMENT_ROOT doesnt suit you, replace with your local path. (eg, /usr/local/apache/htdocs) define('DIR_WS_ADMIN', '/admin/'); define('DIR_FS_ADMIN', DIR_FS_DOCUMENT_ROOT . DIR_WS_ADMIN); define('DIR_WS_CATALOG', 'http://www.acehighsupply.com/'); define('DIR_FS_CATALOG', DIR_FS_DOCUMENT_ROOT . ''); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); // define our database connection define('DB_SERVER', ''); define('DB_SERVER_USERNAME', 'mysql'); define('DB_SERVER_PASSWORD', ''); define('DB_DATABASE', 'osCommerce'); define('USE_PCONNECT', 'false'); define('STORE_SESSIONS', ''); ?> Link to comment Share on other sites More sharing options...
msstatebdfan Posted May 29, 2004 Share Posted May 29, 2004 Ok, Change: define('HTTP_SERVER', ''); // eg, http://localhost or - https://localhost should not be NULL for productive servers define('HTTP_CATALOG_SERVER', ''); define('HTTPS_CATALOG_SERVER', ''); define('ENABLE_SSL_CATALOG', 'false'); // secure webserver for catalog module to: define('HTTP_SERVER', 'https://acehighsupply.com'); // eg, http://localhost or - https://localhost should not be NULL for productive servers define('HTTP_CATALOG_SERVER', 'https://acehighsupply.com'); define('HTTPS_CATALOG_SERVER', 'https://acehighsupply.com'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module and define('DIR_WS_CATALOG', 'http://www.acehighsupply.com/'); to define('DIR_WS_CATALOG', 'http://acehighsupply.com/'); Hopefully that will help, I don't know :) Link to comment Share on other sites More sharing options...
Guest Posted May 29, 2004 Share Posted May 29, 2004 Thanks again for the help. Still no go :( Here is the admin/includes/configure.php now: <?php /* osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright © 2002 osCommerce Released under the GNU General Public License */ // define our webserver variables // FS = Filesystem (physical) // WS = Webserver (virtual) define('HTTP_SERVER', 'https://acehighsupply.com'); // eg, http://localhost or - https://localhost should not be NULL for productive servers define('HTTP_CATALOG_SERVER', 'https://acehighsupply.com'); define('HTTPS_CATALOG_SERVER', 'https://acehighsupply.com'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT); // where your pages are located on the server. if $DOCUMENT_ROOT doesnt suit you, replace with your local path. (eg, /usr/local/apache/htdocs) define('DIR_WS_ADMIN', '/admin/'); define('DIR_FS_ADMIN', DIR_FS_DOCUMENT_ROOT . DIR_WS_ADMIN); define('DIR_WS_CATALOG', 'http://acehighsupply.com/'); define('DIR_FS_CATALOG', DIR_FS_DOCUMENT_ROOT . ''); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); // define our database connection define('DB_SERVER', ''); define('DB_SERVER_USERNAME', 'mysql'); define('DB_SERVER_PASSWORD', ''); define('DB_DATABASE', 'osCommerce'); define('USE_PCONNECT', 'false'); define('STORE_SESSIONS', ''); ?> Link to comment Share on other sites More sharing options...
msstatebdfan Posted May 29, 2004 Share Posted May 29, 2004 umm.. when you login too https://acehighsupply.com/admin , are all your pages secure?? Link to comment Share on other sites More sharing options...
Guest Posted May 29, 2004 Share Posted May 29, 2004 I can log into https://acehighsupply.com/admin and it works fine - I get the message, "You are protected by a 128-bit secure SSL connection." However, all of the links on that page lead to "http://" not "https://". Are the links supposed to be https? Link to comment Share on other sites More sharing options...
msstatebdfan Posted May 29, 2004 Share Posted May 29, 2004 They should be. Especially since you would want to download your orders using your SSL connection, so if all the links are http:// inside your admin, that's frustrating too. ...scratching head..... Link to comment Share on other sites More sharing options...
msstatebdfan Posted May 29, 2004 Share Posted May 29, 2004 You may want to try one more thing: chage in admin/includes/configure.php define('DIR_WS_CATALOG', 'http://acehighsupply.com/'); to define('DIR_WS_CATALOG', '/'); After that, I am all out of ideas. Maybe someone else can help us. Link to comment Share on other sites More sharing options...
AlanR Posted May 29, 2004 Share Posted May 29, 2004 This is the first time I've seen this particular problem. Lots of ssl questions but never this one. I've poked around a little in the code to see what might cause this but some we'll need to change a few things to test and see where the problem is. I don't have time now, but late today or tommorrow I can give you a couple lines to change to isolate the problem. Check any work you've done that might have affected this. If you don't have luck by tomorrow then bump this thread. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management) Link to comment Share on other sites More sharing options...
chrislundberg Posted May 30, 2004 Share Posted May 30, 2004 If you are running off your own computer,and you use apache could you provide your ssl.conf file to us to see. It seems like its a server setup problem. And to much focus is on your osc config files as they look fine from the start. Also your server needs to be started in ssl mode if apache. Link to comment Share on other sites More sharing options...
chrislundberg Posted May 30, 2004 Share Posted May 30, 2004 On my system, when the customer is looking at my products its not protected, only when they login or check out it displays the ssl lock. It will switch between protected and not as you move around. I don't understand why admin needs ssl proctection as you only have access to it. My live shop is at http://realhomeandgarden.com please no fake orders as it a live shop. Link to comment Share on other sites More sharing options...
msstatebdfan Posted May 31, 2004 Share Posted May 31, 2004 I don't understand why admin needs ssl proctection as you only have access to it. What's the point of having SSL if you don't download your customers orders over a SSL secure connection? Link to comment Share on other sites More sharing options...
chrislundberg Posted May 31, 2004 Share Posted May 31, 2004 I agree, I was looking at it from the point of view of having your server local not hosted. Link to comment Share on other sites More sharing options...
Guest Posted June 1, 2004 Share Posted June 1, 2004 Sorry, I was out backpacking the last couple days so I couldn't continue this discussion . . . Anyway, I am still at square one. Nothing has changed, which means OsC does not go to a secure page for checkout or login. chrislundberg - i don't want the product pages secure, just the usual checkout and login pages . . . just like OsC is supposed to work. Also, I am not running this from a local computer. On the server, there is no ssl.conf file. There is a an ssl.conf folder - (root of the server)/ssl.conf/acehighsupply.com/ Within that directory, there are two files. One is the key (server.key) and the other is the cert (server.crt). Both are fine since SSL works on the site - OsC just doesn't use it. Thanks to everyone for their help. Hopefully, this will be figured out soon! Anyone have any new ideas? Link to comment Share on other sites More sharing options...
AlanR Posted June 1, 2004 Share Posted June 1, 2004 Thanks to everyone for their help. Hopefully, this will be figured out soon! Anyone have any new ideas? Did you ever set this: define('DIR_FS_CATALOG', dirname($HTTP_SERVER_VARS['SCRIPT_FILENAME'])); correctly? If you don't know what it should be drop a file named phpinfo.php with these three lines <? phpinfo(); ?> in your catalog folder and post back after you've done it. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management) Link to comment Share on other sites More sharing options...
Guest Posted June 1, 2004 Share Posted June 1, 2004 I played around with it - but not sure if I put in the right directory information. When it didn't work, I just re-upped the backup. Here is the PHP info: http://acehighsupply.com/phpinfo.php Link to comment Share on other sites More sharing options...
AlanR Posted June 1, 2004 Share Posted June 1, 2004 OK, the line should be: define('DIR_FS_CATALOG', '/hsphere/local/home/sirpsych/acehighsupply.com/'); oops, no catalog, you're in root. :( Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management) Link to comment Share on other sites More sharing options...
Guest Posted June 1, 2004 Share Posted June 1, 2004 Ok, I have the exact line in there. The site works, but still no secure checkout :( Link to comment Share on other sites More sharing options...
Guest Posted June 1, 2004 Share Posted June 1, 2004 Here is my configure.php file from /includes/configure.php after the changes I have made from this thread. The site still runs just fine, but there is still no switch over to a secure site during login or checkout <?php /* $Id: configure.php,v 1.14 2003/07/09 01:15:48 hpdl Exp $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright © 2003 osCommerce Released under the GNU General Public License */ // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://acehighsupply.com'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://acehighsupply.com'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'acehighsupply.com'); define('HTTPS_COOKIE_DOMAIN', 'acehighsupply.com'); define('HTTP_COOKIE_PATH', ''); define('HTTPS_COOKIE_PATH', ''); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/'); define('DIR_FS_CATALOG', '/hsphere/local/home/sirpsych/acehighsupply.com/'); define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); // define our database connection define('DB_SERVER', ''); // eg, localhost - should not be empty for productive servers define('DB_SERVER_USERNAME', ''); define('DB_SERVER_PASSWORD', ''); define('DB_DATABASE', 'osCommerce'); define('USE_PCONNECT', 'false'); // use persistent connections? define('STORE_SESSIONS', ''); // leave empty '' for default handler or set to 'mysql' ?> Link to comment Share on other sites More sharing options...
AlanR Posted June 1, 2004 Share Posted June 1, 2004 You've got exactly the same problem as this guy. http://www.oscommerce.com/forums/index.php?showtopic=95438 So when we figure out one we'll figure them both out. I've seen a lot of problems with ssl but this is a first and seemingly so simple. I'm trying to figure out why html_output.php is not setting up the right links. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management) Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.