Jump to content



Photo
* * * * * 13 votes

How to install SSL on OSC: A Simple 1-2-3 Instruction


This topic has been archived. This means that you cannot reply to this topic.
485 replies to this topic

#41   jpweber

jpweber

    Occupy HLN

  • Members
  • 1,262 posts

Posted 05 December 2006 - 17:16

I would really have to take a harder look at your includes/configure.php file. Something isn't right in there. You can go ahead and e-mail me if you'd like.
Jason

Simple 1-2-3 Intructions on how to get, install and configure SSL

The Google Sandbox explained

Simple to follow instructions on how to change the look of your OSC

How To Make A Horrible OSC Website

my toolbox: All things WordPress-related - All things Adobe-related - PHP Designer 2007 - Codecanyon Junkie - Crimson Editor - Winmerge - phpMyAdmin - WS_FTP

my installed contributions: Category Banners, File Upload feature-.77, Header Tags, Sort_Product_Attributes_1, XSellv2.3, Price Break 1.11.2, wishlist 3.5, rollover_category_images_v1.2, Short_Description_v2.1, UPSXML_v1_2_3, quickbooks qbi_v2_10, allprods v4.4, Mouseover-effect for image-buttons 1.0, Ultimate_SEO, AAP 1.41, Auto Select State Value, Fast Easy Checkout, Dynamic SiteMap v2.0, Image Magic, Links Manager 1.14, Featured Products, Customer Testimonials, Article Manager, FAQ System, and I'm sure more ...

#42   captainkrm

captainkrm
  • Members
  • 9 posts

Posted 13 December 2006 - 09:06

i try and edit my configure.php files and it says i do not have permission to do so - how can i change it so i can?

#43   jpweber

jpweber

    Occupy HLN

  • Members
  • 1,262 posts

Posted 13 December 2006 - 12:18

There's more than 1 answer to this, but here's one way.

1) Go and download an FTP too, such as WS FTP LE - http://www.inno-tech...tp_program.html

2) Save it to your desktop, and unzip it, and set it up.

3) Profile Name: Anything you wanna call your website
Host Name/Addy: domain.com (no www)
Host Type: Automatic Detect
User ID: The user ID your host gave you
Password: The password your host gave you
* Leave anonymous unchecked, and check off save password
* leave account and comment blank

4) Start WS FTP. The left side is your hard drive, the right side is your server. Focus on the right side. Find public_html, or httpdocs, or wherever your files are kept. Click it. Find your (catalog)/includes/configure.php file.

5) Right-click it, and select CHMOD (Unix)

6) Change permissions to 644, where only the owner can read/write, and everyone else can only read -- not write and execute. Do this by unchecking the boxes "write" and "execute" for 'group' and 'other' and you should be all set.

Good luck.
Jason

Simple 1-2-3 Intructions on how to get, install and configure SSL

The Google Sandbox explained

Simple to follow instructions on how to change the look of your OSC

How To Make A Horrible OSC Website

my toolbox: All things WordPress-related - All things Adobe-related - PHP Designer 2007 - Codecanyon Junkie - Crimson Editor - Winmerge - phpMyAdmin - WS_FTP

my installed contributions: Category Banners, File Upload feature-.77, Header Tags, Sort_Product_Attributes_1, XSellv2.3, Price Break 1.11.2, wishlist 3.5, rollover_category_images_v1.2, Short_Description_v2.1, UPSXML_v1_2_3, quickbooks qbi_v2_10, allprods v4.4, Mouseover-effect for image-buttons 1.0, Ultimate_SEO, AAP 1.41, Auto Select State Value, Fast Easy Checkout, Dynamic SiteMap v2.0, Image Magic, Links Manager 1.14, Featured Products, Customer Testimonials, Article Manager, FAQ System, and I'm sure more ...

#44   jpweber

jpweber

    Occupy HLN

  • Members
  • 1,262 posts

Posted 13 December 2006 - 12:20

Oops ... Set it to 777 temporarily -- read/write/execute for all, so you can edit it. When you're done, be sure to switch your configure.php files back to 644, so nobody else has permissions to read/write/execute your config files.
Jason

Simple 1-2-3 Intructions on how to get, install and configure SSL

The Google Sandbox explained

Simple to follow instructions on how to change the look of your OSC

How To Make A Horrible OSC Website

my toolbox: All things WordPress-related - All things Adobe-related - PHP Designer 2007 - Codecanyon Junkie - Crimson Editor - Winmerge - phpMyAdmin - WS_FTP

my installed contributions: Category Banners, File Upload feature-.77, Header Tags, Sort_Product_Attributes_1, XSellv2.3, Price Break 1.11.2, wishlist 3.5, rollover_category_images_v1.2, Short_Description_v2.1, UPSXML_v1_2_3, quickbooks qbi_v2_10, allprods v4.4, Mouseover-effect for image-buttons 1.0, Ultimate_SEO, AAP 1.41, Auto Select State Value, Fast Easy Checkout, Dynamic SiteMap v2.0, Image Magic, Links Manager 1.14, Featured Products, Customer Testimonials, Article Manager, FAQ System, and I'm sure more ...

#45   getstuff4u

getstuff4u
  • Members
  • 2 posts

Posted 14 December 2006 - 11:30

Hello Jason and G'Day from Australia, /thumbsup.gif' class='bbc_emoticon' alt=':thumbsup:' /> , I was wondering if you could advise me on an SSL matter,.....PLEASE. Cannot display the page error for all 'secure' pages.
I have had a few different tries at securing my osCommerce install but I seem to be missing something, brain cells I suspect /laugh.gif' class='bbc_emoticon' alt=':lol:' /> . My site is installed as/in a sub-domain(/shopping). Certificates are in place for both Domain(www.mysite.com) and Sub-Domain(www.mysite.com/shopping) This is 'bound' as a sub-domain, not just a folder.

admin/includes.configure has been modified as below

define('HTTP_SERVER', 'https://mysite.com/shopping'); // eg, http://localhost - should not be empty for productive servers
define('HTTP_CATALOG_SERVER', 'https://mysite.com/shopping');
define('HTTPS_CATALOG_SERVER', 'https://mysite.com/shopping');
define('ENABLE_SSL_CATALOG', 'true');

includes/configure also modified

define('HTTP_SERVER', 'https://mysite.com/shopping'); // eg, http://localhost - should not be empty for productive servers
define('HTTP_CATALOG_SERVER', 'https://mysite.com/shopping');
define('HTTPS_CATALOG_SERVER', 'https://mysite.com/shopping');
define('ENABLE_SSL_CATALOG', 'true')

I have some suspicions as to where I have got it wrong (other than the brain cell thing /blink.gif' class='bbc_emoticon' alt=':blink:' /> ) but I just can't seem to get it right.
Do you think you could straighten me out on this? I have looked all over the place for a solution but havent found anything that quite fits the bill in terms of subdomain install. Really hope you can help, Cheers and all the best. Rob
Merry Christmas to you and yours and all of that

#46   getstuff4u

getstuff4u
  • Members
  • 2 posts

Posted 14 December 2006 - 11:41

Hmmm!?
Now I feel really dumb, because it is a sub-domain it can be accessed by either, www.shopping.mysite.com , or , www.mysite.com/shopping ,
Should my defines be for the first syntax or the second? uummm

#47   jpweber

jpweber

    Occupy HLN

  • Members
  • 1,262 posts

Posted 14 December 2006 - 14:09

Well, for starters, you say the cert was issued to www.yourdomain.com, but your config files are without any www ... they're just set to http://domain.com. Of course, this will cause problems. But other than that, I'd really have to get into your site to figure it out, because your situation sounds too confusing, with different subdomains, various SSL's, etc., etc., ... But you never even gave me your URL. Anyway, use the e-mail link (not the message one) in my profile if you'd like.
Jason

Simple 1-2-3 Intructions on how to get, install and configure SSL

The Google Sandbox explained

Simple to follow instructions on how to change the look of your OSC

How To Make A Horrible OSC Website

my toolbox: All things WordPress-related - All things Adobe-related - PHP Designer 2007 - Codecanyon Junkie - Crimson Editor - Winmerge - phpMyAdmin - WS_FTP

my installed contributions: Category Banners, File Upload feature-.77, Header Tags, Sort_Product_Attributes_1, XSellv2.3, Price Break 1.11.2, wishlist 3.5, rollover_category_images_v1.2, Short_Description_v2.1, UPSXML_v1_2_3, quickbooks qbi_v2_10, allprods v4.4, Mouseover-effect for image-buttons 1.0, Ultimate_SEO, AAP 1.41, Auto Select State Value, Fast Easy Checkout, Dynamic SiteMap v2.0, Image Magic, Links Manager 1.14, Featured Products, Customer Testimonials, Article Manager, FAQ System, and I'm sure more ...

#48   captneil

captneil
  • Members
  • 14 posts

Posted 14 December 2006 - 22:44

Oh, and I've since been able to get a webpage by going to
http://www.smartgirl...front/login.php

Made me think apache wasn't listening right, and therefore getting the last error.
Haven't been able to turn this around though. Any help would be OH SO APPRECIATED...
Thanks,
Neil

#49   jpweber

jpweber

    Occupy HLN

  • Members
  • 1,262 posts

Posted 15 December 2006 - 12:06

Neil, I can't get any URL to work. The log you posted says a lot, but doesn't say much. E-mail me (hit my profile, do not message) for help if you would like .....
Jason

Simple 1-2-3 Intructions on how to get, install and configure SSL

The Google Sandbox explained

Simple to follow instructions on how to change the look of your OSC

How To Make A Horrible OSC Website

my toolbox: All things WordPress-related - All things Adobe-related - PHP Designer 2007 - Codecanyon Junkie - Crimson Editor - Winmerge - phpMyAdmin - WS_FTP

my installed contributions: Category Banners, File Upload feature-.77, Header Tags, Sort_Product_Attributes_1, XSellv2.3, Price Break 1.11.2, wishlist 3.5, rollover_category_images_v1.2, Short_Description_v2.1, UPSXML_v1_2_3, quickbooks qbi_v2_10, allprods v4.4, Mouseover-effect for image-buttons 1.0, Ultimate_SEO, AAP 1.41, Auto Select State Value, Fast Easy Checkout, Dynamic SiteMap v2.0, Image Magic, Links Manager 1.14, Featured Products, Customer Testimonials, Article Manager, FAQ System, and I'm sure more ...

#50   lewisqic

lewisqic
  • Members
  • 109 posts

Posted 15 December 2006 - 22:04

Hi Jason, you seem to know what you're talking about when it comes to ssl so i was hoping that you might be able to help me out. I just barely installed my ssl certificate onto my server for my osc store and things are fine, i followed your instructions at the beginning of the this post and edited both of my configure files as well. Here's the problem, when i access any of the pages on my site that should be secure, such as shopping cart and checkout, there is the S in the http://, indicating that it is not secure.
the site that i am working on can be found at OutfitterWarehouse.com
I can manually enter httpS://www.outfitterwarehouse.com and it brings up my site with no problem, but as soon as i click on a link it reverts back to the normal http://.
Can you please take a look and maybe help me figure out what is going wrong, thanks.
lewisqic

#51   jpweber

jpweber

    Occupy HLN

  • Members
  • 1,262 posts

Posted 15 December 2006 - 22:16

Hi Jason, you seem to know what you're talking about when it comes to ssl so i was hoping that you might be able to help me out. I just barely installed my ssl certificate onto my server for my osc store and things are fine, i followed your instructions at the beginning of the this post and edited both of my configure files as well. Here's the problem, when i access any of the pages on my site that should be secure, such as shopping cart and checkout, there is the S in the http://, indicating that it is not secure.
the site that i am working on can be found at OutfitterWarehouse.com
I can manually enter httpS://www.outfitterwarehouse.com and it brings up my site with no problem, but as soon as i click on a link it reverts back to the normal http://.
Can you please take a look and maybe help me figure out what is going wrong, thanks.



Neil, first your .htaccess must include this line -- copy and paste it:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www.yourdomain.com$
RewriteRule ^(.*)$ http://yourdomain.com/$1 [R=301,L]

Now, that is assuming your SSL was signed to yourdomain.com, NOT www.yourdomain.com .... the "www" makes all the diffference in the world. Other than that, your config files are definitely messed up. E-mail me them for correction ..... use the e-mail link in my profile.

Jason
Jason

Simple 1-2-3 Intructions on how to get, install and configure SSL

The Google Sandbox explained

Simple to follow instructions on how to change the look of your OSC

How To Make A Horrible OSC Website

my toolbox: All things WordPress-related - All things Adobe-related - PHP Designer 2007 - Codecanyon Junkie - Crimson Editor - Winmerge - phpMyAdmin - WS_FTP

my installed contributions: Category Banners, File Upload feature-.77, Header Tags, Sort_Product_Attributes_1, XSellv2.3, Price Break 1.11.2, wishlist 3.5, rollover_category_images_v1.2, Short_Description_v2.1, UPSXML_v1_2_3, quickbooks qbi_v2_10, allprods v4.4, Mouseover-effect for image-buttons 1.0, Ultimate_SEO, AAP 1.41, Auto Select State Value, Fast Easy Checkout, Dynamic SiteMap v2.0, Image Magic, Links Manager 1.14, Featured Products, Customer Testimonials, Article Manager, FAQ System, and I'm sure more ...

#52   lewisqic

lewisqic
  • Members
  • 109 posts

Posted 16 December 2006 - 01:08

Neil, first your .htaccess must include this line -- copy and paste it:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www.yourdomain.com$
RewriteRule ^(.*)$ http://yourdomain.com/$1 [R=301,L]

Now, that is assuming your SSL was signed to yourdomain.com, NOT www.yourdomain.com .... the "www" makes all the diffference in the world. Other than that, your config files are definitely messed up. E-mail me them for correction ..... use the e-mail link in my profile.

Jason



Okay, i added that code to my htaccess file but it didn't change anything. I do believe that the SSL was signed to www.domain.com though, is there a way to work around that? what must i do now? thanks
lewisqic

#53   captneil

captneil
  • Members
  • 14 posts

Posted 25 December 2006 - 18:19

I sorted my mess out. Easy really.
I commented out all my other virtual hosts in the Apache conf file.... duh!
An SSL cert needs a dedicated IP address... which is a little obvious, but was never mentioned anywhere.
Anywho, everything worked perfectly from then on, just as your 1-2-3 process detailed.
Thanks for all the help, and I hope someone learns from this. /smile.gif' class='bbc_emoticon' alt=':)' />
-Neil

#54   xronis

xronis
  • Members
  • 66 posts

Posted 09 January 2007 - 13:19

hey jpweber what do you mean ssl company and host on the same page

i know stupid question but i don't get it
thanks

i allready have a shared ssl but i think i will buy one

#55   jpweber

jpweber

    Occupy HLN

  • Members
  • 1,262 posts

Posted 09 January 2007 - 13:24

The Shared SSL can work ... you just have to know how to alter your configure.php files, and what the host company's path to SSL is.

Being on the same page .... sometimes (too often, imho), the SSL company will assign a certificate for http://domain.com, and your host will install it on http://www.domain.com (note the "www"). The SSL company who's issuing the SSL and your host who's installing the SSL on your server must both be on the same page -- with or without the www. IF there is a cross-up, you'll receive errors.

So be clear with the SSL company -- "I want this on WWW.domain.com", and then be clear with the host -- "I want this installed on WWW.domain.com" ....
Jason

Simple 1-2-3 Intructions on how to get, install and configure SSL

The Google Sandbox explained

Simple to follow instructions on how to change the look of your OSC

How To Make A Horrible OSC Website

my toolbox: All things WordPress-related - All things Adobe-related - PHP Designer 2007 - Codecanyon Junkie - Crimson Editor - Winmerge - phpMyAdmin - WS_FTP

my installed contributions: Category Banners, File Upload feature-.77, Header Tags, Sort_Product_Attributes_1, XSellv2.3, Price Break 1.11.2, wishlist 3.5, rollover_category_images_v1.2, Short_Description_v2.1, UPSXML_v1_2_3, quickbooks qbi_v2_10, allprods v4.4, Mouseover-effect for image-buttons 1.0, Ultimate_SEO, AAP 1.41, Auto Select State Value, Fast Easy Checkout, Dynamic SiteMap v2.0, Image Magic, Links Manager 1.14, Featured Products, Customer Testimonials, Article Manager, FAQ System, and I'm sure more ...

#56   Ausgirl

Ausgirl
  • Members
  • 936 posts

Posted 12 January 2007 - 15:31

Hello,

My host has installed a SSL Certificate (Geotrust) on my site. Since doing so I cannot access my Site or Admin. All I get is a 404 error page or a you do not have permission to access this page.

I set my admin/includes/configure.php but when I try and set my catalog/includes/configure.php I get this error [a fatal error or timeout occurred while processing this directive] So the catalog/includes/configure.php have not been changed.

I can only edit my configure.php files through cpanel. My host has permission set to 400 so I cannot change through FTP.

I followed the instructions posted in this thread for the configuration of the configure.php files.

One minute my site and admin was there, my host installs the cerificate and poof! Just like a puff of smoke my site and admin are gone? Why can I not access my site or Admin? Any ideas on where it went? /crying.gif' class='bbc_emoticon' alt=':'(' />

I was under the assumption that if I got my host to install it for me I could avoid any problems as I know if I had done it I would of done something wrong. How wrong was I. When I contacted my host to say I cant access my site or admin, Im told to go to the OSC Forums.

I dont even know what I should be asking here. All I know is that my site was working fine, SSL Certificate installed and now no access to my site at all.

Help would be very much appreciated.

My site is http://www.shoppinginurpjs.com

#57   cmino

cmino
  • Members
  • 3 posts

Posted 14 January 2007 - 03:59

Hi,
I have this same problem. I have the server set up with shared SSL, and https pages work fine if you type them in directly as a URL, but as soon as you click on a link, even if it should normally be an https page (like login) you get thrown back to a standard unsecured http page. As a result, the site won't provide a secure connection to authorize.net

Here's what I have in my admin configure file:
define('HTTP_SERVER', 'https://cloucult.com'); // eg, http://localhost or - https://localhost should not be NULL for productive servers
define('HTTP_CATALOG_SERVER', 'https://cloucult.com');
define('HTTPS_CATALOG_SERVER', 'https://cloudcult.c2.ixwebhosting.com');
define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

Here's what I have in my catalog configure file:
define('HTTP_SERVER', 'http://cloudcult.com'); // eg, http://localhost - should not be empty for productive servers
define('HTTPS_SERVER', 'https://cloudcult.c2.ixwebhosting.com'); // eg, https://localhost - should not be empty for productive servers
define('ENABLE_SSL', true); // secure webserver for checkout procedure?
define('HTTP_COOKIE_DOMAIN', '.cloudcult.com');
define('HTTPS_COOKIE_DOMAIN', '.cloudcult.c2.ixwebhosting.com');
define('HTTP_COOKIE_PATH', '/catalog/');
define('HTTPS_COOKIE_PATH', '/catalog/');
define('DIR_WS_HTTP_CATALOG', '/catalog/');
define('DIR_WS_HTTPS_CATALOG', '/catalog/');

According to my webhost, by third level shared SSL is https://cloudcult.c2.ixwebhosting.com

I've been working on this problem for a good 4 hours and figure it's time to seek help.

Thanks

Edited by cmino, 14 January 2007 - 04:01.


#58   jpweber

jpweber

    Occupy HLN

  • Members
  • 1,262 posts

Posted 14 January 2007 - 05:27

Craig, look on your server, in your catalog/includes/ folder. Is there a folder within the includes folder entitled "local"? If so, click on the local folder, so your path is catalog/includes/local/ and within there, there may be a configure.php file. If so, OSC is picking up the configure.php file within your local folder. Rename this file to configure_old.php, and this should solve the problem.

The same applies to your admin side. Look within the catalog/admin/includes/local/ folder and find the configure.php, rename it to configure_old.php and things should be better. If you get any errors, just copy your database information from /local/configure.php into your regular configure.php files.

Good luck.
Jason

Simple 1-2-3 Intructions on how to get, install and configure SSL

The Google Sandbox explained

Simple to follow instructions on how to change the look of your OSC

How To Make A Horrible OSC Website

my toolbox: All things WordPress-related - All things Adobe-related - PHP Designer 2007 - Codecanyon Junkie - Crimson Editor - Winmerge - phpMyAdmin - WS_FTP

my installed contributions: Category Banners, File Upload feature-.77, Header Tags, Sort_Product_Attributes_1, XSellv2.3, Price Break 1.11.2, wishlist 3.5, rollover_category_images_v1.2, Short_Description_v2.1, UPSXML_v1_2_3, quickbooks qbi_v2_10, allprods v4.4, Mouseover-effect for image-buttons 1.0, Ultimate_SEO, AAP 1.41, Auto Select State Value, Fast Easy Checkout, Dynamic SiteMap v2.0, Image Magic, Links Manager 1.14, Featured Products, Customer Testimonials, Article Manager, FAQ System, and I'm sure more ...

#59   cmino

cmino
  • Members
  • 3 posts

Posted 14 January 2007 - 06:44

Thanks! That solved the problem. You're a brilliant fellow!

#60   cmino

cmino
  • Members
  • 3 posts

Posted 14 January 2007 - 07:39

Actually, I am noticing now that your suggestions solved my https problem, but it seemed to have caused a problem in the admin area. I can get to my main admin index page on my browser, but can't get any further in than that. Could that be related to the fact that I changed the admin/includes/local/configure.php file to configure_old.php ? Thanks