finkelsteinj Posted September 17, 2004 Share Posted September 17, 2004 Hello Everyone, I setup SSL today and now I am having to loging in multiple times, any help would be great. CincyNetworking email: [email protected] password: demo1 Thanks again, Jason Link to comment Share on other sites More sharing options...
stevel Posted September 18, 2004 Share Posted September 18, 2004 You sure made it hard on us. First, you mis-entered the URL for your store. Then when I figured that out, I tried the login you specified and it was not found. So I created my own. Given all that, everything worked as I expected. What are you seeing? Steve Contributions: Country-State Selector Login Page a la Amazon Protection of Configuration Updated spiders.txt Embed Links with SID in Description Link to comment Share on other sites More sharing options...
finkelsteinj Posted September 18, 2004 Author Share Posted September 18, 2004 Stevel, Sorry about the miss spelling. If you add something to the cart and go to check out, you are required to login again and your cart is empty until you return back to "http://" and when you go back to "https://" you required login and cart is empty. Thanks for all of your help Link to comment Share on other sites More sharing options...
stevel Posted September 18, 2004 Share Posted September 18, 2004 That didn't happen to me. But the symptom you describe suggests a cookie problem. First, post the first 20 lines of your catalog/includes/configure.php Perhaps we can spot a problem there. I usually find that such problems are caused by incorrect settings in this file. Steve Contributions: Country-State Selector Login Page a la Amazon Protection of Configuration Updated spiders.txt Embed Links with SID in Description Link to comment Share on other sites More sharing options...
finkelsteinj Posted September 18, 2004 Author Share Posted September 18, 2004 Stevel, Thanks again for your help! // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://catalog.cincynetworking.com'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://ssl.perfora.net'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'catalog.cincynetworking.com'); define('HTTPS_COOKIE_DOMAIN', 'catalog.cincynetworking.com'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/catalog.cincynetworking.com/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); Jason Link to comment Share on other sites More sharing options...
♥Vger Posted September 18, 2004 Share Posted September 18, 2004 Try define('HTTPS_SERVER', 'https://ssl.perfora.net/~catalog.cincynetworking.com' and as you are using a subdomain, try define('HTTP_COOKIE_DOMAIN', 'http://catalog.cincynetworking.com' and define('HTTPS_COOKIE_DOMAIN', 'https://ssl.perfora.net/~catalog.cincynetworking.com' Vger Link to comment Share on other sites More sharing options...
stevel Posted September 18, 2004 Share Posted September 18, 2004 No, that's not quite right. The COOKIE_DOMAIN defines must be domains, NOT URLs. You want: define('HTTP_COOKIE_DOMAIN','catalog.cincynetworking.com'); define('HTTPS_COOKIE_DOMAIN','ssl.perfora.net'); Also, leave HTTPS_SERVER the way you have it. Vger's suggestion is incorrect. Steve Contributions: Country-State Selector Login Page a la Amazon Protection of Configuration Updated spiders.txt Embed Links with SID in Description Link to comment Share on other sites More sharing options...
finkelsteinj Posted September 18, 2004 Author Share Posted September 18, 2004 Thanks Guys for all of the help! Jason Link to comment Share on other sites More sharing options...
♥Vger Posted September 18, 2004 Share Posted September 18, 2004 Also, leave HTTPS_SERVER the way you have it. Vger's suggestion is incorrect. If he's on a shared SSL, which he appears to be, it's abolsutely correct (some use the tilde '~' and some don't, but otherwise correct). All of my shared SSL sites work in that way, and I've helped dozens of newbies to get their site working by following just that advice. You may be correct about the http cookie domain, because I don't use subdomains for installing osCommerce - quite frankly if I wasn't putting it in the root directory I'd do a standard install into the 'catalog' folder. A root install on a full domain, with full SSL would have 'www.yourdomain.com' for both http and https cookie domains. If you didn't have that for your https cookie domain you'd have trouble with your ssl cert. Hope this clarifies a few things! Vger Link to comment Share on other sites More sharing options...
stevel Posted September 18, 2004 Share Posted September 18, 2004 I respectfully disagree. The particular syntax for using shared SSL varies from host to host, and it was clear that his host did not use the ~username method, so your adding the tilde was incorrect. My host, for example, uses what looks like a subdomain. Furthermore, any part of the URL other than the domain does NOT belong in HTTPS_SERVER - it should go in DIR_WS_HTTPS_CATALOG instead, as he already correctly had it. If you put it in the SERVER define, you can get strange effects and errors. His HTTPS pages were working, other than the misconfiguration of cookies. Also, your instructions to use a URL in the COOKIE defines would not be correct under any circumstances. While he had things wrong in the configure.php, the SERVER defines were correct as-is. If you have your own SSL certificate, yes, things are different, but that did not apply in this case. The key point is that the domain in the COOKIE defines must match the domain in the respective SERVER defines - nothing more, nothing less. Steve Contributions: Country-State Selector Login Page a la Amazon Protection of Configuration Updated spiders.txt Embed Links with SID in Description Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.