The SSL In OsCommerce Guide For The Innocent

[jenso]

Hi, interesting long topic here

 

I looked up knowledgebase and so on for that,but now answer, so I am trying it here.

 

I am using right now for my store the domain:

shopping.mydomain.com and mydomain.com

 

actually mydomain.com is directed to the subdomain shopping.mydomain.com

 

In config I have to set http and https

 

will this work for oscommerce 2.2MS2 :

 

http www.shopping.mydomain.com

https secure.mydomain.com

 

OR

 

http www.mydomain.com

https secure.mydomain.com

 

Which one will work if any?

 

The knowledge base does not provide an answer if subdomain for SSL will work with osc.

 

By the way my host is 1und1.com (1and1.com)

 

like to know it, because I have to order the ssl cert from my host.

 

Thanks

 

Rich

[komodotale]

I read hundreds of messages and am overwhelmed. I'm sorry if I missed this.

 

I have shared SSL in a seperate SSL directory. My catalog will be in http://www.mydomain.com/catalog. The shared SSL is in https://seocr001.secure.myhostname.com. This are two totally seperate directories and are two different domains for all intents and purposes.

 

I want people to browse and select merchendise in http://www.mydomain.com/catalog

 

I want customers to access the payment gateway only in https://seocr001.secure.myhostname.com

 

Can someone please direct me to a post or tutorial or explain how to do this? The more details the better because I am an osCommerece newbie and will be setting-up my first shop with this software.

 

Thank you for your assistance

[koelkast26]

Hello all,

 

After i asked several questions about the contribution Customer Add Product they pointed me to this forum topic so i will ask the same question here and i hope someone can help me.

 

I have installed the contrib Customer adds product on my webshop and it works. Now i have 2 problems which i cant find out:

 

1) When a customer goes to my account and click add new product or edit product a admin login box shows up:

 

This looks like:

 

ofcourse you can click cancel and it works aftherthat but it is not nice looking. How do i solve this? (what do you need to come to an answer.)

 

Second problem is this.

 

When customers go to their edit section of the page (also with the admin popup) and they press edit or delete or a particular product the page is going off the secure (ssl) part and goes to the normal site. With a total broken layout and with no images.

 

Before it look like this:

 

 

After clicking one button it look like this:

 

 

I dont know how to solve this. I hope someone will help me.

 

You can go to my webshop and log in with a testaccount.

 

emailadres [email protected] password 123456 Go to my Account details (klantgegevens) and click on edit my product.

 

When you add a product i must have to approve it so pls dont do that.

 

I hope you can help me.

[j_may80]

I'm curious. Does anyone think the Admin panel needs SSL protection on all the admin pages? I'm far from an expert, but just having it on the index page seems to defeat the purpose. Do your stores have an non-SSL Admin panels, save for the index page? Am I missing something?

[aboriginart]

THANKS VERY MUCH FOR THE GREAT INFORMATIVE POST !!

Peter

~~~~~~~~~~~~~~~~~~~~~~~~~

[scootd]

This is a great thread. I've reviewed the postings but have yet to find the answer. So hopefully someone can help ...

 

I'm testing on a shared server using a shared ssl certificate. I have installed and configured ssl on the catalog successfully. Next I edited admin/configure.php to secure the admin cpanel. Now the ssl lock shows and browser address shows secure, However, all product, manufacturers, catagories images in the admin show broken links. This probably means I need an absolute address for the images but I can't seem to get it to work.

 

Below are the configure.php files

 

Any help greatly appreciated ...

 

scot

 

catalog/admin/includes/configure.php
 define('HTTP_SERVER', 'https://secure.MyHost.com/~MyUserName'); 
 define('HTTP_CATALOG_SERVER', 'http://MyDomain.com');
 define('HTTPS_CATALOG_SERVER', 'https://secure.MyHost.com/~MyUserName');
 define('ENABLE_SSL_CATALOG', 'true'); 
 define('DIR_FS_DOCUMENT_ROOT', '/home/MyUserName/public_html'); 
 define('DIR_WS_ADMIN', '/catalog/admin/'); // absolute path required
 define('DIR_FS_ADMIN', '/home/MyUserName/public_html/gallery/admin/');
 define('DIR_WS_CATALOG', '/catalog/'); 
 define('DIR_FS_CATALOG', '/home/MyUserName/public_html/catalog/'); 
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
 define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');
 define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');
 define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');
 define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');
 define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

catalog/includes/configure.php
 define('HTTP_SERVER', 'http://MyDomain.com'); 
 define('HTTPS_SERVER', 'https://secure.MyHost.com/~MyUserNamer'); 
 define('ENABLE_SSL', true); 
 define('HTTP_COOKIE_DOMAIN', 'MyDomain.com');
 define('HTTPS_COOKIE_DOMAIN', 'secure.MyHost.com/~MyUserName');
 define('HTTP_COOKIE_PATH', '/catalog/');
 define('HTTPS_COOKIE_PATH', '/catalog/');
 define('DIR_WS_HTTP_CATALOG', '/catalog/');
 define('DIR_WS_HTTPS_CATALOG', '/catalog/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
 define('DIR_FS_CATALOG', '/home/MyUserName/public_html/catalog/');
 define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
 define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

[brooklyntam]

Thanks a ton for this information - i've been trying to reassure myself that my cart is secure and that SSL does the trick... I've been searching for this info for a couple of days...

 

thanks!

[nitrossub]

no pad lock dislpaying in admin or cart/login please help me fix it

 

 

no pad lock shows up, but when i goto in internetexplorer, file, propertys, it says

connection:= TLS 1.0, RC4 with 128 bit encryption (High); RSA with 1024 bit exchange

address:= https://www.ozziechoppers.com/shop/login.php

 

please cheak my site and tell me what you think

 

 

 

my includesconfigure.php content is as follows

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.ozziechoppers.com'); // eg, http://localhost - should not be empty for

 

productive servers

define('HTTPS_SERVER', 'https://www.ozziechoppers.com'); // eg, https://localhost - should not be empty for

 

productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.ozziechoppers.com');

define('HTTPS_COOKIE_DOMAIN', 'www.ozziechoppers.com');

define('HTTP_COOKIE_PATH', '/shop/');

define('HTTPS_COOKIE_PATH', '/shop/');

define('DIR_WS_HTTP_CATALOG', '/shop/');

define('DIR_WS_HTTPS_CATALOG', '/shop/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '/home/content/O/z/z/OzzieChoppers/html/shop/');

 

 

 

my admin/includes/configure.php content is as follows

 

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.ozziechoppers.com'); // eg, http://localhost - should not be empty for

 

productive servers

define('HTTP_CATALOG_SERVER', 'http://www.ozziechoppers.com');

define('HTTPS_CATALOG_SERVER', 'https://www.ozziechoppers.com');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

define('DIR_FS_DOCUMENT_ROOT', '/home/content/O/z/z/OzzieChoppers/html/shop/'); // where the pages are located

 

on the server

define('DIR_WS_ADMIN', '/shop/admin/'); // absolute path required

define('DIR_FS_ADMIN', '/home/content/O/z/z/OzzieChoppers/html/shop/admin/'); // absolute pate required

define('DIR_WS_CATALOG', '/shop/'); // absolute path required

define('DIR_FS_CATALOG', '/home/content/O/z/z/OzzieChoppers/html/shop/'); // absolute path required

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');

define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');

define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

 

 

 

ran test on

https://www.ozziechoppers.com/shop/admin/ssltest.php

 

results is

HTTP HOST: www.ozziechoppers.com

Server Port: 443

SSL Status:

Fowarded Server:

Fowarded Host:

Fowarded By: Document Root: /home/content/O/z/z/OzzieChoppers/html

 

changed

the bit in file to

 

$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

 

 

 

what now

[Guest]

Hi all,

 

This has been a great forum. I neet to have my two config files checked. I have updated them to the best of my ability. Authorize.net is accepting the payment but my adim states it is a non secure site and the lock is not appearing in the bottom of the page my cert is installed with the www and I am getting that pop up that states I am being passed to a non secure area even though the url appears correct.

 

Your assistance in reolving this would be much appreciated.

 

shop/includes/ config file:***

<?php

/*

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2003 osCommerce

 

Released under the GNU General Public License

*/

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.crystalintentions.com');

define('HTTPS_SERVER', 'https://www.crystalintentions.com');

define('ENABLE_SSL', true);

define('HTTP_COOKIE_DOMAIN', 'www.crystalintentions.com');

define('HTTPS_COOKIE_DOMAIN', 'www.crystalintentions.com');

define('HTTP_COOKIE_PATH', '/shop/');

define('HTTPS_COOKIE_PATH', '/shop/');

define('DIR_WS_HTTP_CATALOG', '/shop/');

define('DIR_WS_HTTPS_CATALOG', '/shop/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', dirname($HTTP_SERVER_VARS['SCRIPT_FILENAME']));

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

// define our database connection

define('DB_SERVER', 'MYSQLHOST'); // eg, localhost - should not be empty for productive servers

define('DB_SERVER_USERNAME', 'u70259707');

define('DB_SERVER_PASSWORD', 'crystal');

define('DB_DATABASE', 'd60241814');

define('USE_PCONNECT', 'false'); // use persistent connections?

define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

?>

shop/admin/includes/ config file:***

<?php

/*

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2003 osCommerce

 

Released under the GNU General Public License

*/

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.crystalintentions.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTP_CATALOG_SERVER', 'http://www.crystalintentions.com');

define('HTTPS_CATALOG_SERVER', 'https://www.crystalintentions.com');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

define('DIR_FS_DOCUMENT_ROOT', '/mnt/w0401/d17/s10/b027aa55/www/shop/'); // where the pages are located on the server

define('DIR_WS_ADMIN', '/shop/admin/'); // absolute path required

define('DIR_FS_ADMIN', '/mnt/w0401/d17/s10/b027aa55/www/shop/admin/'); // absolute pate required

define('DIR_WS_CATALOG', '/shop/'); // absolute path required

define('DIR_FS_CATALOG', '/mnt/w0401/d17/s10/b027aa55/www/shop/'); // absolute path required

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');

define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');

define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

 

// define our database connection

define('DB_SERVER', 'MYSQLHOST'); // eg, localhost - should not be empty for productive servers

define('DB_SERVER_USERNAME', 'u70259707');

define('DB_SERVER_PASSWORD', 'crystal');

define('DB_DATABASE', 'd60241814');

define('USE_PCONNECT', 'false'); // use persisstent connections?

define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

?>

[yomama360]

Having trouble with padlock not displaying? OSC wont switch into secure/https mode?

 

I have found an answer that works for me after hours of banging head against wall.

 

Change the two configure.php files as detailed in the first post of this thread.

Also some code in configuration file in catalog/includes/local/configure.php

from

  define('ENABLE_SSL', 0);

to

  define('ENABLE_SSL', 1);

Some have mentioned that configure.php file is a development file that overrides the other configure settings.

 

My setup is a non-shared SSL Cert from GoDaddy. I had It all set up as specified in this thread, and when I manually type the https it goes into secure mode just fine. But when I clicked on a link It switches back to http. Viewing Source on the https page showed that the base url was https. And when I went to checkout or into account login or info, it would stay in http mode and not switch to secure mode.

 

The above code solved my problem. Hope this helps out some of you.

[rodrico]

Hello,

 

I have been working on this for a couple days and am going crazy. I cannot get my SSL configured correctly. I know the cert is installed correctly,ie you can type https://anypage.com and the little padlock comes up and the page is secure, but when you click to another link..checkout or account login it goes back to http://

 

I contacted my host, they installed my cert and supply the osC cart. They said I do not need to do anything special to my directories to get the site to go secure. osC should handle the job (as what I have been reading everywhere)

 

My site directory is as follows....my main directory for my site is eratoys.com

There are 2 ssl directories: eratoys.ssl which contains the csr and key, and ssl.conf, which contains the following subdirectories >eratoys.com>server crt and server key.

 

I have tried configuring the includes/configure.php files a couple different ways and nothing works. Here is what I currently have:

 

catalog/includes/configure.php:

 

define('HTTP_SERVER', 'http://www.eratoys.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://eratoys.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.eratoys.com');

define('HTTPS_COOKIE_DOMAIN', '/eratoys.com');

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '/catalog/');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/catalog');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', dirname($HTTP_SERVER_VARS['SCRIPT_FILENAME']) . '/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

// define our database connection

define('DB_SERVER', ''); // eg, localhost - should not be empty for productive servers

define('DB_SERVER_USERNAME', '');

define('DB_SERVER_PASSWORD', '');

define('DB_DATABASE', 'osCommerce');

define('USE_PCONNECT', 'false'); // use persistent connections?

define('STORE_SESSIONS', ''); // leave empty '' for default handler or set to 'mysql'

?>

 

 

admin/includes/configure.php:

 

define('HTTP_SERVER', 'http://www.eratoys.com'); // eg, http://localhost or - https://localhost should not be NULL for productive servers

define('HTTP_CATALOG_SERVER', 'http://www.eratoys.com');

define('HTTPS_CATALOG_SERVER', 'https://eratoys.com');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

define('DIR_FS_DOCUMENT_ROOT','/hsphere/local/home/rodrico/eratoys.com'); // where your pages are located on the server. if $DOCUMENT_ROOT doesnt suit you, replace with your local path. (eg, /usr/local/apache/htdocs)

define('DIR_WS_ADMIN', '/admin/');

define('DIR_FS_ADMIN', DIR_FS_DOCUMENT_ROOT . DIR_WS_ADMIN);

define('DIR_WS_CATALOG', '/catalog/');

define('DIR_FS_CATALOG', DIR_FS_DOCUMENT_ROOT . DIR_WS_CATALOG);

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');

define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');

define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

 

// define our database connection

define('DB_SERVER', '');

define('DB_SERVER_USERNAME', 'mysql');

define('DB_SERVER_PASSWORD', '');

define('DB_DATABASE', 'osCommerce');

define('USE_PCONNECT', 'false');

define('STORE_SESSIONS', '');

?>

 

Obviously the store is not live and you can check it out at: www.eratoys.com/catalog

My host server is running php version 4.4.2 and my website is on a dedicated server. My server is an Apache and am using osC version 2.2 MS2

Any help would be greatly appreciated.

Rod

[Guest]

change this

 

define('HTTPS_COOKIE_DOMAIN', '/eratoys.com');

 

to this

define('HTTPS_COOKIE_DOMAIN', 'eratoys.com');

 

As of the osc it does handle secure pages. Have you done changes to application_top.php??

[rodrico]

change this

 

define('HTTPS_COOKIE_DOMAIN', '/eratoys.com');

 

to this

define('HTTPS_COOKIE_DOMAIN', 'eratoys.com');

 

As of the osc it does handle secure pages. Have you done changes to application_top.php??

 

 

I made the change to the cookie domain. I have not done any modifications to the application_top.php. Should I have?? Also I added the admin login secure contribution and noticed that my admin side is https !!

 

Thanks,

Rod

[rodrico]

Made some mods to application_top.php and now all works...thanks !!!

 

Rod

[seanhsueh]

Hi everyone. This is a great post. I have my SSL working correctly and the pad lock showing up.

 

If you have your SSl installed and the padlock is not showing, you need to follow ALANR's suggestions on page 3 of this post. i made that change and all is well now. THANKS ALAN!!

 

I do have 1 question though. How do i change a page from using the non-secure address to the secure one? Right now, account.php is not using secure access and i'd like to change that. Thanks everyone.

[jcubes]

The problem of getting a security message is because of the http bit in the URL. As soon as you go to a secure page this will change to https and any images that are linked as http://www.somethingorother.com will cause the security message to be displayed.

As Charles says if you remove the http bit and just link to www.somethingorother.com it will be fine.

 

 

ALSO beware EMBEDDED FLASH FILES they use HTTP stuff in the codebase= an plugins= lines... totally had me stumped... but now it works!!!!

 

THANKS ALL!

 

jcubes

[jackrabbit]

Hey folks,

Any idea about what is going on? I just purchased a ssl cert and a dedicated IP for a site Im working on but when I navigate from a non secure page to a secure page I'm getting an error page that says "The connection was interrupted" immediately. Non-secure pages are fine. I know that the config files are set right.

 

Any idea what this is caused by and what I can do about it?

 

Thanks.

 

;-j

[jackrabbit]

Hey folks,

Any idea about what is going on? I just purchased a ssl cert and a dedicated IP for a site Im working on but when I navigate from a non secure page to a secure page I'm getting an error page that says "The connection was interrupted" immediately. Non-secure pages are fine. I know that the config files are set right.

 

Any idea what this is caused by and what I can do about it?

 

Thanks.

 

;-j

 

In case this happens to you, there was no error on my side of the fence. It was an issue my host was having that was resolved the next day. Cheers!

[Guest]

Can someone help me? I have tried everything and just can't figure this out but i am fairly new to this. I changed my config file to match what this first page says but when i did that, none of the items on my product listing page or anything would add to the cart. OUr site is www.jawproducts.com . Our secure link given to us by our host is https://jawproducts3.authsecure.com . Here is the config file for includes/config, this is the setup i have NOW and the only setup that works, even though i KNOW the first link should not have the secure link in it. but when i change the first line to http://jawproducts.com, items wont add to the cart at all.

 

define('HTTP_SERVER', 'https://jawproducts3.authsecure.com'); // eg, http://localhost - should not be empty for

define('HTTPS_SERVER', 'https://jawproducts3.authsecure.com'); // eg, https://localhost - should not be empty for

define('ENABLE_SSL', 'true'); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'jawproducts3.authsecure.com');

define('HTTPS_COOKIE_DOMAIN', 'jawproducts3.authsecure.com');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

//Added for BTS1.0

define('DIR_WS_TEMPLATES', 'templates/');

define('DIR_WS_CONTENT', DIR_WS_TEMPLATES . 'content/');

define('DIR_WS_JAVASCRIPT', DIR_WS_INCLUDES . 'javascript/');

//End BTS1.0

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '/home/jawproducts.com/www/jawproducts.com/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

[Guest]

Ok this is my problem I have my SSL Cert installed and setup, I have my OSC installed into my httpdocs... Now its all working fine except when i say try to creat a account, its supposed to go to my https:// wich it does but it comes up with 404 Page Error, its looking for the file wich is actually in my http://... I Know osc is supposed to actually pull the SSL files from my Http:// and secure them, but its not doing that.. and yes my cert is registred with www. thanks guys heres my code:

 

<?php

/*

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2003 osCommerce

 

Released under the GNU General Public License

*/

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.tarojoenterprises.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.tarojoenterprises.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.tarojoenterprises.com');

define('HTTPS_COOKIE_DOMAIN', 'www.tarojoenterprises.com');

define('HTTP_COOKIE_PATH', '/store/');

define('HTTPS_COOKIE_PATH', '/store/');

define('DIR_WS_HTTP_CATALOG', '/store/');

define('DIR_WS_HTTPS_CATALOG', '/store/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '/var/www/vhosts/tarojoenterprises.com/httpdocs/store/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

// define our database connection

define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers

define('DB_SERVER_USERNAME', '*****');

define('DB_SERVER_PASSWORD', '****');

define('DB_DATABASE', 'DataBase');

define('USE_PCONNECT', 'false'); // use persistent connections?

define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

?>

 

<?php

/*

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2003 osCommerce

 

Released under the GNU General Public License

*/

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.tarojoenterprises.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTP_CATALOG_SERVER', 'http://www.tarojoenterprises.com');

define('HTTPS_CATALOG_SERVER', 'https://www.tarojoenterpries.com');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

define('DIR_FS_DOCUMENT_ROOT', '/var/www/vhosts/tarojoenterprises.com/httpdocs/store/'); // where the pages are located on the server

define('DIR_WS_ADMIN', '/store/admin/'); // absolute path required

define('DIR_FS_ADMIN', '/var/www/vhosts/tarojoenterprises.com/httpdocs/store/admin/'); // absolute pate required

define('DIR_WS_CATALOG', '/store/'); // absolute path required

define('DIR_FS_CATALOG', '/var/www/vhosts/tarojoenterprises.com/httpdocs/store/'); // absolute path required

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');

define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');

define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

 

// define our database connection

define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers

define('DB_SERVER_USERNAME', '******');

define('DB_SERVER_PASSWORD', '*******');

define('DB_DATABASE', 'DataBase');

define('USE_PCONNECT', 'false'); // use persisstent connections?

define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

?>

[jadegirl]

Hi All

 

I have been all the way through this post, all the way through any suggested contributions and made any changes or tests suggested. People have had the same issue I'm facing but I cannot get mine to work.

 

I've tried alan's suggestion at

and still can't get it to work.

Basically I can't get my admin/index to show as protected. It won't flip to https: and stays at http.

Am I really being dumb here? My webhost says I need to access my ssl by typing in the https separately. Is this true? How can I tell if I have two separate folders that need to be merged ie httpdocs and httpsdocs.

 

here is my catalog/configure

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.baby-diva.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.baby-diva.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', 'true'); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.baby-diva.com');

define('HTTPS_COOKIE_DOMAIN', 'www.baby-diva.com');

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '/catalog/');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/catalog/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', 'c:\hosting\webhost4life\member\jadegirly2k/catalog/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

// define our database connection

define('DB_SERVER', '********); // eg, localhost - should not be empty for productive servers

define('DB_SERVER_USERNAME', '**********');

define('DB_SERVER_PASSWORD', '********');

define('DB_DATABASE', '*********');

define('USE_PCONNECT', 'false'); // use persistent connections?

define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

?>

 

My admin/configure

 

<?php

/*

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2003 osCommerce

 

Released under the GNU General Public License

*/

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'https://www.baby-diva.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTP_CATALOG_SERVER', 'http://www.baby-diva.com');

define('HTTPS_CATALOG_SERVER', 'https://www.baby-diva.com');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

define('DIR_FS_DOCUMENT_ROOT', 'c:\hosting\webhost4life\member\jadegirly2k/catalog/'); // where the pages are located on the server

define('DIR_WS_ADMIN', '/catalog/admin/'); // absolute path required

define('DIR_FS_ADMIN', 'c:\hosting\webhost4life\member\jadegirly2k/catalog/admin/'); // absolute pate required

define('DIR_WS_CATALOG', '/catalog/'); // absolute path required

define('DIR_FS_CATALOG', 'c:\hosting\webhost4life\member\jadegirly2k/catalog/'); // absolute path required

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_CATALOG_IMAGES', '../images/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');

define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');

define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

 

// define our database connection

define('DB_SERVER', '*********'); // eg, localhost - should not be empty for productive servers

define('DB_SERVER_USERNAME', '*********');

define('DB_SERVER_PASSWORD', '********');

define('DB_DATABASE', '******');

define('USE_PCONNECT', 'false'); // use persisstent connections?

define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

?>

catalog/application top

// set the type of request (secure or not)

$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

 

general.php

 

////

// Redirect to another page or site

function tep_redirect($url) {

if ( (ENABLE_SSL == true) && (getenv('HTTPS') == '443') ) { // We are loading an SSL page

if (substr($url, 0, strlen(HTTP_SERVER)) == HTTP_SERVER) { // NONSSL url

$url = HTTPS_SERVER . substr($url, strlen(HTTP_SERVER)); // Change it to SSL

}

}

 

admin/index

 

if (getenv('HTTPS') == '443') {

$size = ((getenv('SSL_CIPHER_ALGKEYSIZE')) ? getenv('SSL_CIPHER_ALGKEYSIZE') . '-bit' : '<i>' . BOX_CONNECTION_UNKNOWN . '</i>');

$contents[] = array('params' => 'class="infoBox"',

'text' => tep_image(DIR_WS_ICONS . 'locked.gif', ICON_LOCKED, '', '', 'align="right"') . sprintf(BOX_CONNECTION_PROTECTED, $size));

} else {

$contents[] = array('params' => 'class="infoBox"',

'text' => tep_image(DIR_WS_ICONS . 'unlocked.gif', ICON_UNLOCKED, '', '', 'align="right"') . BOX_CONNECTION_UNPROTECTED);

}

 

 

and finally the myenv

 

https

 

HTTP HOST: www.baby-diva.com

Server Port: 443

SSL Status: on

Fowarded Server:

Fowarded Host:

Fowarded By:

 

http

 

HTTP HOST: www.baby-diva.com

Server Port: 80

SSL Status: off

Fowarded Server:

Fowarded Host:

Fowarded By:

 

This is driving me mad and I've spent all day looking!! my cert is www.baby-diva.com

 

My Webpage

 

you won't be able to get to admin as its protected but any help would be greatly appreciated

 

thanks

[khoking]

In case this happens to you, there was no error on my side of the fence. It was an issue my host was having that was resolved the next day. Cheers!

jackrabbit,

 

I have the same error as yours. I have installed my SSL certificate (GeoTrust) today, but when clicking on my website:

 

https://shashinki.com

 

It says The connection was interrupted in Firefox browser.

 

It is fine at http site, but when go to https page, The connection was interrupted :(

 

Is it a problem with my host? My shop is hosted at a dedicated server, but only my friend has access to the server.

 

Please help...

[toohoots]

I guess I better add this tip here, it's the logical place after all.

 

This is for people who are having trouble getting ssl to work, especially shared ssl. The way I've written it is oriented towards a 1&1 server but its use is general and applies to all servers. It's all about setting line 41 in application_top.php for those cases where the standard query does not work.

 

This is line 41:

 

$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

 

Now that's a very narrow test and lots of servers won't respond with on (or at all) to that. So the trick is to find out how the server does respond.

 

Create a little file, I named it myenv.php, with these lines:

 

<?php
?echo 'HTTP HOST: ' . "$HTTP_HOST";
?echo '<br>Server Port: ' . getenv('SERVER_PORT');
?echo '<br>SSL Status: ' . getenv('HTTPS');
?echo '<br>Fowarded Server: ' . getenv('HTTP_X_FORWARDED_SERVER');
?echo '<br>Fowarded Host: ' . getenv('HTTP_X_FORWARDED_HOST');
?echo '<br>Fowarded By: ' . getenv('HTTP_X_FORWARDED_BY');
?>

 

If you put that somewhere on the server, probably root and run it like so:

 

https://ssl.shared.com/mydomain.com/myenv.php you'll be able to see how the server responds to these queries. You'll need to change this to fit your situation but you get the idea.

 

Some dedicated ssls respond with a 1 instead of on to No. 3 for example.

 

Shared servers may respond differently to 4 & 5 but 1&1 gives the same response to both.

 

Once you know how the server answers these queries you can figure out the best solution for line 41 in application_top.php.

 

If, for example, you have a dedicated ssl and query 3 returns a 1 then you simply change line 41 to:

 

$request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL';

 

Frequently on shared servers you'll get no response at all to getenv('HTTPS'). This is where the other responses are useful (and most people have problems).

 

For example shared 1&1 returns ssl.perfora.net to queries 4 and 5. So setting line 41 line as below does the trick (I'm commenting out the original line for reference).

 

// $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

$request_type = (getenv('HTTP_X_FORWARDED_HOST') == 'ssl.perfora.net') ? 'SSL' : 'NONSSL';

 

Here's another case:

 

The standard ssl port for dedicated ssl is 443 (the standard http port is 80). I've seen dedicated ssl which returns no response for getenv('HTTPS') but does return a 443. In this case you can set line 41, testing for port 443, like so:

 

$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

 

The best way to use the script is to run it in both http and https environments and look at the differences in the responses. You want to pick a response which is unique to ssl (your https connection), it's no use to pick something which stays the same in both modes, you want to pick something to make a switch.

 

Brilliant, had a problem with a dedicated ssl where the address bar was showing https:// but I did not have the closed padlock, actually I did not even have a padlock in the bottom bar :wacko: .

 

I'm with 1&1, ran your file, got a response 1 as described and thus changed the application_top.php as described and now all is working great.

 

Just wanted to say thanks for a great thread and a post that helped a lot :D

[kamusicman]

Help! My screen has gone completely blank!

 

I changed the code per the instructions on page 1 of this topic, made sure that Force Cookies were turned off, and when I went back to my catalog page to reload, it went blank.

 

Here's the admin/include/configure.php file:

define('HTTP_SERVER', 'http://www.shop.johnraphael.com'); // eg, http://localhost or - https://localhost should not be NULL for productive servers

define('HTTP_CATALOG_SERVER', 'http://www.shop.johnraphael.com');

define('HTTPS_CATALOG_SERVER', 'https://shop1.c2.hostexcellence.com');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT); // where your pages are located on the server. if $DOCUMENT_ROOT doesnt suit you, replace with your local path. (eg, /usr/local/apache/htdocs)

define('DIR_WS_ADMIN', '/admin/');

define('DIR_FS_ADMIN', DIR_FS_DOCUMENT_ROOT . DIR_WS_ADMIN);

define('DIR_WS_CATALOG', '/catalog/');

define('DIR_FS_CATALOG', DIR_FS_DOCUMENT_ROOT . DIR_WS_CATALOG);

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');

define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');

define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

[kamusicman]

(Sorry for the double post. For some reason, the Board wouldn't let me modify the previous one.)

 

Issue: my catalog page is completely blank.

I'm using a shared SSL with my hosting company, hostesxcellence.com.

Here are the relevant lines in my catalog/includes/configure.php file:

 
define('HTTP_SERVER', 'http://www.shop.johnraphael.com'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'https://shop1.c2.hostexcellence.com'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', true); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'www.shop.johnraphael.com');
 define('HTTPS_COOKIE_DOMAIN', 'shop.johnraphael.com');
 define('HTTP_COOKIE_PATH', '/catalog/');
 define('HTTPS_COOKIE_PATH', '/catalog/');
 define('DIR_WS_HTTP_CATALOG', '/catalog/');
 define('DIR_WS_HTTPS_CATALOG', '/catalog/');

Here is the line from my catalog/includes/local/configure.php file:

define('HTTP_SERVER', 'http://www.shop.johnraphael.com');

Here is the line from my catalog/includes/application_top.php file:

// set the type of request (secure or not)
 $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

Here are the lines from my admin/includes/configure.php file:

  define('HTTP_SERVER', 'http://www.shop.johnraphael.com'); // eg, http://localhost or - https://localhost should not be NULL for productive servers
 define('HTTP_CATALOG_SERVER', 'http://www.shop.johnraphael.com');
 define('HTTPS_CATALOG_SERVER', 'https://shop1.c2.hostexcellence.com');
 define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

The myenv.php file returns 'on' for getenv('HTTPS'), so I didn't add getenv('SERVER_PORT') == 443.

 

What did I do wrong, and how can I fix it? (I can't even go back to the original files before the mod's. It still shows blank pages.)