Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SSL Problem After Installing


azo313

Recommended Posts

Posted

When I go into my admin panel it says:

 

"You are not protected by a secure SSL connection."

 

However, I do have an SSL certificate installed and working on the store. When I visit the secure checkout area the URL is https:// and there is a lock in the browser.

 

Why does it give me the error message in my control panel and how do I fix it? Thanks!

Posted

Change the HTTP_SERVER in admin/includes/configure.php to the https URL rather than the http URL.

 

Hth,

Matt

Always back up before making changes.

Posted

I changed the HTTP_SERVER in "admin/includes/configure.php" AND "includes/configure.php" to the https URL rather than the http URL. However, I still get the error in my admin panel. It did not do anything.

 

Plus, that made it so that all of my pages (even just catalog pages) are secure, which I don't think is really necessary. But regardless, it did not solve the problem. What else could I try?

Posted

There is no reason to change it in the catalog configure.php file. Just the admin file. Also, make sure that you make the initial access on the https URL.

 

Hth,

Matt

Always back up before making changes.

Posted

Oh ok,

 

Thanks very much. What is the point of accessing the admin using the secure URL though? Does it help with anything? I did it and it says: "You are protected by a unknown secure SSL connection."

 

Another question, why is it an "unknown" one. Does that matter? Any way to make it known?

 

Thanks again!

Posted

It just means that the web server is not setting the SSL_CIPHER_ALGKEYSIZE envelope value. It doesn't really matter (the SSL matters...without it, you are passing all the info in plain text), as it doesn't affect the encryption in any way. If you don't like the text, you can change it in the language file.

 

Hth,

Matt

Always back up before making changes.

Posted

Thanks,

 

I guess my last question is do I NEED to access the admin with the secure URL? Is it unsafe to access the admin without the secure URL? What do you recommend?

 

Also, can't you still just access the admin using the secure URL without having to change it in the configure.php file as you stated? Just curious.

Posted

If you do not use the secure URL any info (including your password) is passed clear text and anyone along the network path (including neighbors if you are using a cable modem) can see it.

 

The configure.php file controls what the links will show. If you are using the directory protection provided by the web server, it passes the username/password with each page request, so you want to do that over SSL. Even with session based logins, the session ID can be hijacked if one does not use SSL.

 

Hth,

Matt

Always back up before making changes.

Posted
Change the HTTP_SERVER in admin/includes/configure.php to the https URL rather than the http URL.

 

Hth,

Matt

I have the same problem, but this is the error I get when I change the admin/include/configure.php file:

 

Warning: main(DIR_WS_INCLUDESfilenames.php): failed to open stream: No such file or directory in /home/myusername/public_html/catalog/admin/includes/application_top.php on line 44

 

Warning: main(DIR_WS_INCLUDESfilenames.php): failed to open stream: No such file or directory in /home/myusername/public_html/catalog/admin/includes/application_top.php on line 44

 

Fatal error: main(): Failed opening required 'DIR_WS_INCLUDESfilenames.php' (include_path='.:/usr/local/lib/php') in /home/username/public_html/catalog/admin/includes/application_top.php on line 44

:(

 

I have to reload the configure.php file every time because it does not fix it, lucky I am a backup fanatic.

 

any suggestions? Thanks

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...