Jump to content



Photo
- - - - -

SSL Implementation Help


  • Please log in to reply
414 replies to this topic

#301   germ

germ
  • Members
  • 13,921 posts
  • Real Name:Jim
  • Gender:Male
  • Location:USA (GMT-6)

Posted 14 April 2011 - 23:16

From the page source:

<script type="text/javascript" src="http://info.template-help.com/files/ie6_warning/ie6_script_other.js"></script>
You can't load scripts or images from HTTP sources on HTTPS pages.

You can:

  • Remove it.
  • Host the script locally and fix the URL to be "relative" so as not to interfere with SSL.
  • Fix it so it doesn't load on SSL pages.

Obviously you know how to remove it.

I can help with either of the other options if need be.
If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."
- Me -

"Headers already sent" - The definitive help

"Cannot redeclare ..." - How to find/fix it

SSL Implementation Help

Like this post? "Like" it again over there >

#302   rozli

rozli
  • Members
  • 3 posts
  • Real Name:Rozli

Posted 14 April 2011 - 23:43

I don't know how to remove that link. In which file I need to look? I used a template and than everthing messed up /sad.gif' class='bbc_emoticon' alt=':(' />

#303   germ

germ
  • Members
  • 13,921 posts
  • Real Name:Jim
  • Gender:Male
  • Location:USA (GMT-6)

Posted 14 April 2011 - 23:46

It's probably in the <head> section of most of the PHP pages in the site root.
If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."
- Me -

"Headers already sent" - The definitive help

"Cannot redeclare ..." - How to find/fix it

SSL Implementation Help

Like this post? "Like" it again over there >

#304   rozli

rozli
  • Members
  • 3 posts
  • Real Name:Rozli

Posted 15 April 2011 - 00:06

THANK YOU SOO MUCH you are incredable /wub.gif' class='bbc_emoticon' alt=':wub:' />

#305   farbor

farbor
  • Members
  • 28 posts
  • Real Name:Lele

Posted 18 April 2011 - 19:38

Hi Germ,

I hope you can help me out to solve a couple of problems I am experiencing in my site.
I have just move from one host server to another and from a shared SSL (that was working perfectly) to a dedicated SSL.
I am now facing 2 main issues:

1) Once I try to log in to my admin I keep getting re-prompt for insert user name and password and I receive this error on top of the page:
Error: Invalid administrator login attempt. Removing SSL allows me to log in without any issues.
2) In my shop it seems that my pages have a mix of unsecure and secure items (Firofox show the lock with the ! and IE show a pop up about those unsecure items. I so many questions about it but I cannot narrow down where the unsecure object is.

I have followed all the steps descibed in this thread and as well install your contribution but I cannot get to the bottom of those two problems.
Can you help?

Thank in advance for all your help.

Cheers
JK

#306   germ

germ
  • Members
  • 13,921 posts
  • Real Name:Jim
  • Gender:Male
  • Location:USA (GMT-6)

Posted 18 April 2011 - 20:46

You'll have to post (or PM me) your URL if you want my help.

I can't help fix what I can't see...
/huh.gif' class='bbc_emoticon' alt=':huh:' />

The "unsecure items" usually aren't too difficult to remove.

Not sure about the admin problem, though.

I've never heard of that problem associated with SSL before.
/unsure.gif' class='bbc_emoticon' alt=':unsure:' />
If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."
- Me -

"Headers already sent" - The definitive help

"Cannot redeclare ..." - How to find/fix it

SSL Implementation Help

Like this post? "Like" it again over there >

#307   farbor

farbor
  • Members
  • 28 posts
  • Real Name:Lele

Posted 19 April 2011 - 18:07

Hi,

Thanks a lot for your help.
I have PM the links.
Thanks in advance for all your help.
Regards
Lele

You'll have to post (or PM me) your URL if you want my help.

I can't help fix what I can't see...


The "unsecure items" usually aren't too difficult to remove.

Not sure about the admin problem, though.

I've never heard of that problem associated with SSL before.



#308   germ

germ
  • Members
  • 13,921 posts
  • Real Name:Jim
  • Gender:Male
  • Location:USA (GMT-6)

Posted 19 April 2011 - 21:13

In /includes/application_top.php change this line:

$request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL';
To;

$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';
That should fix the catalog side.
If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."
- Me -

"Headers already sent" - The definitive help

"Cannot redeclare ..." - How to find/fix it

SSL Implementation Help

Like this post? "Like" it again over there >

#309   farbor

farbor
  • Members
  • 28 posts
  • Real Name:Lele

Posted 20 April 2011 - 18:31

In /includes/application_top.php change this line:

$request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL';
To;

$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';
That should fix the catalog side.


Hi Germ,

Great spot!It works perfectly now!Thanks a lot!!!
I have changed it and now I do not get any error message for SSL no more.
That was the code since the beginning, I must have changed trying to fix the admin issue....my bad....
Do you have any idea on what can cause the issue in the Admin part?
Thanks in advance for your help.
Cheers
JK

#310   Rob1962

Rob1962
  • Members
  • 63 posts
  • Real Name:Rob
  • Gender:Male

Posted 30 April 2011 - 20:11

Hi all

I have some problems with my ssl too and i have been busy with it for 3 weeks now so i thought that it is about time to ask , i am new at this.

I have read all of this tread and tried about everything (i think) but no joy.

My website is www.landyspecials4x4.com

In FF i get the :

Errorcode: sec_error_unknown_issuer

message.

In IE it doesn´t show me this message and it shows in the address bar that i am on a https page but i do not get the padlock.

So i downloaded and installed the little programs and have run them:

cfgchk.php tells me:

File Permissions: 0444

Found HTTPS_SERVER:

define('HTTPS_SERVER', 'https://landyspecials4x4.com'); // eg, https://localhost - should not be empty for productive servers

HTTPS URL passed check!

Found ENABLE_SSL.

define('ENABLE_SSL', 'true'); // secure webserver for checkout procedure?

SSL enable passed check!

Found HTTPS_COOKIE_DOMAIN:

define('HTTPS_COOKIE_DOMAIN', 'landyspecials4x4.com');

HTTPS_COOKIE_DOMAIN line parsed!



Parsing application_top.php for SSL detection key...

Found SSL detection key:

$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';




https....myenv.php tells me that the site is not trusted and gives : Errorcode: sec_error_unknown_issuer


http....myenv says:

myenv.php Version 1.2

NONSSL Variables

HTTP HOST: []

Server Port: [80]

SSL Status: [Undefined!]

Fowarded Server: [Undefined!]

Fowarded Host: [Undefined!]

Fowarded By: [Undefined!]

$_SERVER['HTTPS']: [Undefined!]

Load: 1


My includes/aplication=top :

// set the type of request (secure or not)
//$request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL';
//$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';
//$request_type = ($_SERVER['HTTPS'] == 'on') ? 'SSL' : 'NONSSL';
$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

includes/configure.php

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
define('HTTP_SERVER', 'http://www.landyspecials4x4.com'); // eg, http://localhost - should not be empty for productive servers
define('HTTPS_SERVER', 'https://landyspecials4x4.com'); // eg, https://localhost - should not be empty for productive servers
define('ENABLE_SSL', 'true'); // secure webserver for checkout procedure?
define('HTTP_COOKIE_DOMAIN', 'www.landyspecials4x4.com');
define('HTTPS_COOKIE_DOMAIN', 'landyspecials4x4.com');
define('HTTP_COOKIE_PATH', '/');
define('HTTPS_COOKIE_PATH', '/');
define('DIR_WS_HTTP_CATALOG', '/');
define('DIR_WS_HTTPS_CATALOG', '/');
define('DIR_WS_IMAGES', 'images/');
define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
define('DIR_WS_INCLUDES', 'includes/');
define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
define('DIR_FS_CATALOG', '/home/*********/public_html/');
define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

// define our database connection
define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers
define('DB_SERVER_USERNAME', '*********');
define('DB_SERVER_PASSWORD', '**********');
define('DB_DATABASE', '************');
define('USE_PCONNECT', 'false'); // use persistent connections?
define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'




admin/includes/configure.php

// define our webserver variables
// FS = Filesystem (physical)
// WS = Webserver (virtual)
define('HTTP_SERVER', 'https://www.landyspecials4x4.com'); // eg, http://localhost or - https://localhost should not be NULL for productive servers
define('HTTP_CATALOG_SERVER', 'http://www.landyspecials4x4.com');
define('HTTPS_CATALOG_SERVER', 'https://www.landyspecials4x4.com');
define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module
define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT); // where your pages are located on the server. if $DOCUMENT_ROOT doesnt suit you, replace with your local path. (eg, /usr/local/apache/htdocs)
define('DIR_WS_ADMIN', '/*******/');
define('DIR_FS_ADMIN', '/home/******/public_html/*******/');
define('DIR_WS_CATALOG', '/');
define('DIR_FS_CATALOG', '/home/********/public_html/');
define('DIR_WS_IMAGES', 'images/');
define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');
define('DIR_WS_INCLUDES', 'includes/');
define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');
define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');
define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');
define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');
define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

// define our database connection
define('DB_SERVER', 'localhost');
define('DB_SERVER_USERNAME', '***********');
define('DB_SERVER_PASSWORD', '**********');
define('DB_DATABASE', '************');
define('USE_PCONNECT', 'false');
define('STORE_SESSIONS', 'mysql');
?>


MANY MANY thanks in advance.

Gr, Rob

Edited by Rob1962, 30 April 2011 - 20:23.


#311   germ

germ
  • Members
  • 13,921 posts
  • Real Name:Jim
  • Gender:Male
  • Location:USA (GMT-6)

Posted 30 April 2011 - 20:29

Read post #8 here

The SSL works fine for me using IE7 and FF3.0

Edited by germ, 30 April 2011 - 20:29.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."
- Me -

"Headers already sent" - The definitive help

"Cannot redeclare ..." - How to find/fix it

SSL Implementation Help

Like this post? "Like" it again over there >

#312   germ

germ
  • Members
  • 13,921 posts
  • Real Name:Jim
  • Gender:Male
  • Location:USA (GMT-6)

Posted 30 April 2011 - 21:32

Actually read posts 7 and 8.

I tried the site on my Wife's machine:

IE8 - OK!

Firefox lastest version - No go!

It's an issue between the browser, the server, and the certificate.

Nothing you can "fix" in the code.

Sorry...
/blush.gif' class='bbc_emoticon' alt=':blush:' />
If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."
- Me -

"Headers already sent" - The definitive help

"Cannot redeclare ..." - How to find/fix it

SSL Implementation Help

Like this post? "Like" it again over there >

#313   Rob1962

Rob1962
  • Members
  • 63 posts
  • Real Name:Rob
  • Gender:Male

Posted 01 May 2011 - 07:14

Actually read posts 7 and 8.

I tried the site on my Wife's machine:

IE8 - OK!

Firefox lastest version - No go!

It's an issue between the browser, the server, and the certificate.

Nothing you can "fix" in the code.

Sorry...



Hi Germ

Great , this actualy means that i can finaly stop looking at code of wich i do not understand what to do to it in the first place and how to make it work in all other places..............

I think the next stop will be at my host and start to bugger them ;-)

Thanks very much.

Reg, Rob

#314   EPStore

EPStore
  • Members
  • 51 posts
  • Real Name:TK
  • Gender:Male

Posted 01 May 2011 - 09:45

Didn't see this problem dealt with yet... so here goes:
It seems I'm getting the "However, this page includes other resources which are not secure" message because of my CSS.
I'm using some web font in there that points to my http address. I guess the answer would be simply to use httpS instead... but I can't get it to work. If I just put the "s" and do nothing else, I lose my web font on the pages wich are not "secure". And if I add another column below my http with the same URLs but with the "s", the web font doesn't work either anymore. (I also tried to delete the "http://" part to see if that would help... but to no avail)

@font-face {
    font-family: 'BlazeITCItalic';
    src: url('http://www.xxxxxxx.com/webfont/blazeitc.eot');
    src: url('http://www.xxxxxxx.com/blazeitc.eot?iefix') format('eot'),
         url('http://www.xxxxxxx.com/webfont/blazeitc.woff') format('woff'),
         url('http://www.xxxxxxx.com/webfont/blazeitc.ttf') format('truetype'),
         url('http://www.xxxxxxx.com/webfont/blazeitc.svg#webfontygQQizPM') format('svg');
    font-weight: normal;
    font-style: normal;
}

.ui-widget {
  font-family: BlazeITCItalic;
}

Any idea?

#315   germ

germ
  • Members
  • 13,921 posts
  • Real Name:Jim
  • Gender:Male
  • Location:USA (GMT-6)

Posted 01 May 2011 - 10:16

You can't load content from HTTP sources on HTTPS pages.

If you MUST use it your only choice is to host the content locally and fix the links to be "relative" so they don't interfere with the SSL.
If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."
- Me -

"Headers already sent" - The definitive help

"Cannot redeclare ..." - How to find/fix it

SSL Implementation Help

Like this post? "Like" it again over there >

#316   surrfman

surrfman
  • Members
  • 363 posts
  • Real Name:Timmy C
  • Gender:Male
  • Location:Great State of Michigan

Posted 13 May 2011 - 17:19

Germ... you are the guy that can walk on SSL water!!! did the cert install, changed both configure.php files to true, added the s on the three http's at top of admin file. application_top.php shows ssl== on. how do I tell if the ssl is actually dong the job? I do see a small padlock at bottom right of IE8, but on all pages of store. Is there some work to do in admin panel? store is www.discountegauges.com


Thanks,

Timmy C

#317   germ

germ
  • Members
  • 13,921 posts
  • Real Name:Jim
  • Gender:Male
  • Location:USA (GMT-6)

Posted 13 May 2011 - 21:05

Not really....

I can't swim so I stay as far away from water as possible. That is, unless it's in a glass or a shower....
/blush.gif' class='bbc_emoticon' alt=':blush:' />

Did you read the first post in this thread?
/unsure.gif' class='bbc_emoticon' alt=':unsure:' />

It has things for you to double-check and try.

If all looks as it should be then it looks as if the shop isn't getting the cue from the server that SSL is "on".

You'd need to download the contribution I wrote to help (link is in the second post in this thread), unzip it, then upload the files into your root folder.

Then either post again or PM me so I can access them with my browser and see what's up.
If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."
- Me -

"Headers already sent" - The definitive help

"Cannot redeclare ..." - How to find/fix it

SSL Implementation Help

Like this post? "Like" it again over there >

#318   SandyNovotny

SandyNovotny
  • Members
  • 20 posts

Posted 15 May 2011 - 20:54

I am trying to figure out how to get the shared SSL certificate to work with my Oscommerce install. I edited all of the includes/configure.php variables (including the one in admin) to reflect the shared host address https://secure.hostm...r.com/~username, and set the Enable_SSL to true, but when I try to checkout in my store it is still unsecured.

Includes/Configure.php:
define('HTTP_SERVER', 'http://www.yoursite.com');
define('HTTPS_SERVER', 'https://secure.hostm...r.com/~username');
define('ENABLE_SSL', true); // secure webserver for checkout procedure?
define('HTTP_COOKIE_DOMAIN', '.yoursite.com');
define('HTTPS_COOKIE_DOMAIN', 'https://secure.hostm...r.com/~username');

Admin/Includes/Configure.php:
define('HTTP_SERVER', 'https://www.yoursite.com');
define('HTTP_CATALOG_SERVER', 'https://www.yoursite.com');
define('HTTPS_CATALOG_SERVER', 'https://secure.hostm...r.com/~username');
define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module



I'm wondering if this might be causing the issue... the shared SSL is accessed via https://secure.hostm...r.com/~username, but I have the Oscommerce installed in the directory of an add on domain not my main domain. So my website is accessible from my yoursite.com and from yoursite.mymainsite.com.

Should the shared SSL still be accessed using https://secure.hostm...r.com/~username, or are there adjustments that need to be made to the SSL path in my coding to account for the site being in an add on directory?

{note, moved this here from another thread in case you wondered about the duplication. Thanks!}

#319   germ

germ
  • Members
  • 13,921 posts
  • Real Name:Jim
  • Gender:Male
  • Location:USA (GMT-6)

Posted 15 May 2011 - 22:24

Do these four things:

1. In /store/includes/application_top.php, get rid of this line:

$request_type = ( $HTTP_HOST == 'secure.hostmonster.com' ) ? 'SSL' : 'NONSSL';
2. In the same file change this line:

$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';
To this:

$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

3. In /store/includes/configure.php change this line:

define('HTTPS_SERVER', 'http://YOUR_DOMAIN.com');
To this, figuratively speaking so I don't reveal anything you don't want public:

define('HTTPS_SERVER', 'PUT_THE_HTTPS_URL_HERE_YOU_SAID_WORKS_IN_YOUR_PM');
(note: no / at the end of the url)

I hope you get the drift...

4. Change this line:

define('HTTPS_COOKIE_DOMAIN', '');
to

define('HTTPS_COOKIE_DOMAIN', '.secure.hostmonster.com');

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."
- Me -

"Headers already sent" - The definitive help

"Cannot redeclare ..." - How to find/fix it

SSL Implementation Help

Like this post? "Like" it again over there >

#320   SandyNovotny

SandyNovotny
  • Members
  • 20 posts

Posted 15 May 2011 - 23:00

Do these four things:

1. In /store/includes/application_top.php, get rid of this line:

$request_type = ( $HTTP_HOST == 'secure.hostmonster.com' ) ? 'SSL' : 'NONSSL';
2. In the same file change this line:

$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';
To this:

$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

3. In /store/includes/configure.php change this line:

define('HTTPS_SERVER', 'http://YOUR_DOMAIN.com');
To this, figuratively speaking so I don't reveal anything you don't want public:

define('HTTPS_SERVER', 'PUT_THE_HTTPS_URL_HERE_YOU_SAID_WORKS_IN_YOUR_PM');
(note: no / at the end of the url)

I hope you get the drift...

4. Change this line:

define('HTTPS_COOKIE_DOMAIN', '');
to

define('HTTPS_COOKIE_DOMAIN', '.secure.hostmonster.com');


Ok, stupidest thing ever... while working on this it got so frustrating that I would take a break by taking a sidebar into other areas of configuration that I needed to work on. In the course of this, I set my file permissions to 444 on a couple of my files. After attempting to edit the configure file a dozen times (and admittedly some jumping around the room in frustration) I realized the permission setting was what was preventing my changes from taking. In all fairness, the stupid ftp program should have generated an error or something instead of telling me to successfully uploaded /smile.gif' class='bbc_emoticon' alt=':)' /> Can we just pretend I'm a rookie and forget that I have been involved in my own websites for a decade? So, let this be a lesson to everyone... you can't write to files that you set to read only lol!

Two quick questions if you wouldn't mind...
1. should I make these same changes in the admin/includes/config file as well?
2. The URLs seem to be switching back and forth between secure and unsecure beautifully (thank you!) but the URLs now have a long osCsid appended to them. Is this normal, or is it something I should fix?