SSL Help

[sackling]

I just got and installed my first ssl certificate for my site and I got a few questions.

 

1) if i change all my current site address' to https instead of http it brings me to certified pages but how to I make it go to https originally for the index page. (actually just typing this out made me realise i might not need to do this i can just make the index page direct you to the secure page since the index is only an intro page)

 

2) how to i get rid of the http sites? what stopes someone from just changing the address to http instead of https?

 

and finally

 

3) I am using oscommerce and bought my certificate from godaddy. In order to apply the certicate to the cart i need to have the server for the certificate. I can't seem to find the server for the certificate on the godaddy site or any referance to it at all. where do i find it?

[sackling]

My main problem right now is finding out what I am supposed to use for "secure-server.yourdomain.ext"

 

I dont see any reference to where the certificate is stored on a server on godaddys's site where do i find it?

[ozcsys]

My main problem right now is finding out what I am supposed to use for "secure-server.yourdomain.ext"

 

I dont see any reference to where the certificate is stored on a server on godaddys's site where do i find it?

 

 

Are you hosting with godaddy? If not then you need to contact your hosting company. You not only need to purchase the certificate it also needs to be installed. This process varies widely for different hosting companies so you really need to talk to them.

 

 

As far as the secure/non-secure pages osC will switch between them as needed once you have the cert installed and the proper changes made to your configure.php files.

[sackling]

I am hosting with godaddy and have already been able to install the certificate. I am able to access both the http and https pages for all my pages. I was reading the tutorial on how to make an already installed oscommerce ssl abled and came it said i need to replace some lines of code with :

 

define('HTTPS_SERVER', '');

define('ENABLE_SSL', false);

define('HTTPS_COOKIE_DOMAIN', '');

define('HTTPS_COOKIE_PATH', '');

 

and change them to look like

 

define('HTTPS_SERVER', 'secure-server.yourdomain.ext');

define('ENABLE_SSL', true);

define('HTTPS_COOKIE_DOMAIN', ''secure-server.yourdomain.ext'');

define('HTTPS_COOKIE_PATH', 'catalog/');

 

where secure-server.yourdomain.ext the location of your secure server, as instructed by your hosting company.

 

the part i am not sure about is where do i find out what "secure-server.yourdomain.ext" is? is it just the https://www.mysite.com?

 

thanks for your help. it is much appreciated.

[sackling]

** http://www.mysite.com is not actually my site i just meant my actual domain

[sackling]

*bump

 

I really have no idea where to find the "secure-server.yourdomain.ext" what am i supposed to put in there?

[webmaster218]

*bump

 

I really have no idea where to find the "secure-server.yourdomain.ext" what am i supposed to put in there?

 

 

 

Yes this is your domain. For example if your web site is : http://www.mydomain.com then you would enter https://www.mydomain.com

[sackling]

hrmph i tried changing the code according to this http://www.oscommerce.com/forums/index.php?showtopic=91446 but i am not being redirected to the https site upon checkout. also i am able to access the https admin control panel as well as the regular admin control panel and it still displays the message on the bottom of the control pannel "You are not protected by a secure SSL connection." with a picture of an unlocked padlock even when im in the https version. is there somethign i am missing?

[sackling]

Here are my chunks of code that i changed.. maybe i'm doing something wrong:

 

For the store front i guess:

 

define('HTTP_SERVER', 'http://www.gostwear.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://gostwear.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.gostwear.com');

define('HTTPS_COOKIE_DOMAIN', 'https://gostwear.com');

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', 'catalog/');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', '');

define('DIR_WS_IMAGES', 'images/');

 

for admin side:

 

define('HTTP_SERVER', 'http://www.gostwear.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTP_CATALOG_SERVER', 'http://www.gostwear.com');

define('HTTPS_CATALOG_SERVER', 'https://www.gostwear.com');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

define('DIR_FS_DOCUMENT_ROOT', '/home/content/g/o/s/gostwear/html/catalog/'); // where the pages are located on the server

define('DIR_WS_ADMIN', '/catalog/admin/'); // absolute path required

[AlanR]

Check for an extra configure.php in includes/local.

 

If you find one rename it after verifying that all the data in the primary one is OK.

[sackling]

hmm i think i was being an idiot and not uploading the configure.php to the right spot, i.e not seeing any change. now that im putting it in the right place however, when i click on checkout i get brought to an error page with this in the address bar: https://www.gostwear.com/checkout_shipping....08622cfcb5f740c

 

brings me to a page not found. any ideas on whats going on this time?

[sackling]

got it working! was missing a /catalog after the domain. now ill try the admin side. thanks for your help.

[sackling]

hmm it still is showing up as not protected by ssl in the oscommerce control pannel. is that normal? i doubt it but it doesnt seem to be changing even though i changed teh admin configuration.php file. is there somewhere else to change it i was under the impression that the config file in the admin/includes was for that very purpose.

[agele3]

hmm it still is showing up as not protected by ssl in the oscommerce control pannel. is that normal? i doubt it but it doesnt seem to be changing even though i changed teh admin configuration.php file. is there somewhere else to change it i was under the impression that the config file in the admin/includes was for that very purpose.

 

 

I am having the same problem with my lock showing unlocked in my control panel. The various secure pages load okay and I have my certificate and logo installed.

How can I fix this.

 

Thanks

 

Roberta

AGELESSTREASURES.BIZ

[sackling]

^^^^^^^

 

Help us!

[sackling]

Still looking for help as to why the lock in the admin area is unloacked displaying the message that it is not protected by ssl.