Jump to content

Archived

This topic is now archived and is closed to further replies.

germ

SSL Implementation Help

Recommended Posts

Just as another double check... here's the data in my includes/configure.php file:

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.decorativepaintingstore.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.decorativepaintingstore.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', 'true'); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.decorativepaintingstore.com');

define('HTTPS_COOKIE_DOMAIN', 'https://www.decorativepaintingstore.com');

define('HTTP_COOKIE_PATH', '/store_tole_decorative_painting/');

define('HTTPS_COOKIE_PATH', '/store_tole_decorative_painting/');

define('DIR_WS_HTTP_CATALOG', '/store_tole_decorative_painting/');

define('DIR_WS_HTTPS_CATALOG', '/store_tole_decorative_painting/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '/home/decorati/public_html/store_tole_decorative_painting/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');


Sharon

Share this post


Link to post
Share on other sites

******

I just tried that before you replied, but when I use the login.php page, enter a name and password, then click continue, it just loops back to itself and won't let me log in as a customer.

 

But also wanted to say with this change to the application-top.php when I look at the page source the <base href= now shows "https://www.decorativepaintingstore.com/store_tole_decorative_painting/">, so that is good. Now if I can only find out why, it won't process the login.


Sharon

Share this post


Link to post
Share on other sites

Change what I said to change and change this:

 

define('HTTPS_COOKIE_DOMAIN', 'https://www.decorativepaintingstore.com');

to

 

define('HTTPS_COOKIE_DOMAIN', 'www.decorativepaintingstore.com');

or

 

define('HTTPS_COOKIE_DOMAIN', '.decorativepaintingstore.com');


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

Change what I said to change and change this:

 

define('HTTPS_COOKIE_DOMAIN', 'https://www.decorativepaintingstore.com');

to

 

define('HTTPS_COOKIE_DOMAIN', 'www.decorativepaintingstore.com');

or

 

define('HTTPS_COOKIE_DOMAIN', '.decorativepaintingstore.com');

 

****

I made the changes you suggested, but when I clicked on MY ACCOUNT to get to the login page, the COOKIE USAGE page came up saying I needed to enable cookies, even though I already have cookies enabled on my browser. Same happened whether I had the https cookie domain defined as "www.decorativepaintingstore.com", ".decorativepaintingstore.com" or I even tried "decorativepaintingstore.com"


Sharon

Share this post


Link to post
Share on other sites

In your admin make sure "Force Cookie Use" is false.

 

Then make the changes I said to make (I'm not saying that again).

 

If you can't do what I say you're wasting your time and mine.

 

The way you have it now it will never work.

 

Found HTTPS_COOKIE_DOMAIN:

 

define('HTTPS_COOKIE_DOMAIN', 'https://www.decorativepaintingstore.com');

 

HTTPS_COOKIE_DOMAIN line parsed!

 

 

 

Parsing application_top.php for SSL detection key...

 

Found SSL detection key:

 

$request_type = (stristr(getenv('HTTP_X_FORWARDED_HOST'), ".sslpowered.com")) ? 'SSL' : 'NONSSL';


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

In your admin make sure "Force Cookie Use" is false.

 

Then make the changes I said to make (I'm not saying that again).

 

If you can't do what I say you're wasting your time and mine.

 

The way you have it now it will never work.

 

First I'll say thank you. I appreciate your time and suggestions. Without people like you, people like me who aren't as familiar with oscommerce and php language would be totally lost... your last suggestion to change "Force Cookie Use" to "false" in the admin panel seemed to do the trick, along with change you suggested to the includes/application-top.php file. I didn't reload the edited configure.php file because it seems to be working without that change.

 

Second, I DID make the changes you told me to make each time, then installed, and tested them. When they didn't work, I restored the 2 files I had been using because my store was working ok in Firefox, Safari, and earlier versions of IE. I have an active store and couldn't afford to leave it in a totally broken state while I continued to test options to fix the problem that was cropping up in IE8.

 

Again, thanks for your help. I've checked the site out on a Windows Vista computer using IE8 and I'm not longer getting error messages and all my images are showing up on https pages.


Sharon

Share this post


Link to post
Share on other sites

I still think the cookie domain is screwed:

 

Found HTTPS_COOKIE_DOMAIN:

 

define('HTTPS_COOKIE_DOMAIN', 'https://www.decorativepaintingstore.com');

 

HTTPS_COOKIE_DOMAIN line parsed!


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

I still think the cookie domain is screwed:

 

 

I can change it to "www.decorativepaintingstore.com" if you think that will make a difference. Is there something I can do or check to tell if it does or not?


Sharon

Share this post


Link to post
Share on other sites

I can change it to "www.decorativepaintingstore.com" if you think that will make a difference. Is there something I can do or check to tell if it does or not?

I would suggest that change.

 

The way to check it is this:

 

Add some things to the cart, THEN login.

 

If the cart empties - the cookie is wrong (most likely).

 

If the things are still in the cart after logging in - it was a good change.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

I would suggest that change.

 

The way to check it is this:

 

Add some things to the cart, THEN login.

 

If the cart empties - the cookie is wrong (most likely).

 

If the things are still in the cart after logging in - it was a good change.

 

I changed it to "www.decorativepaintingstore.com". Added items to cart, then logged in and items stayed in cart. (Although they also stayed in cart when it was set at "https://www.decorativepaintingstore.com".) I'll leave it as you suggested; it seems to be running smoothly.

 

Thanks again... I would never have figured this one out on my own.


Sharon

Share this post


Link to post
Share on other sites

hi,

 

i have implemented ssl on an modified oscommerce

when i call a https page for 2 seconds i have the certificate and after disappear.

i understund that is an script or anything else called from other site but i can't find the problem

if i call an admin page it's ok

here is the site

any sugestions please

 

thanks

Share this post


Link to post
Share on other sites

It works for me.

 

I don't see a problem...

:huh:


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

I won't be any help.

 

The site works fine in IE7 and Firefox 3.0

 

That's all I have installed.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

thank you

 

i have installed oscommerce without add-ons here and at this the sign of ssl which are before http:// remain (it's ok)]

 

see the diference?

Share this post


Link to post
Share on other sites

i have downloaded again Firefox 3.5.3 and the error is "Warning: Contains unauthenticated content"

same in Google Chrome

 

in win xp with old browsers everything it's ok

i don't find the problem

Share this post


Link to post
Share on other sites

Hello I'm about to buy ssl cert. for oscommerce please advice.

 

domain to register for ssl https://domain.com

but I want secure only input pages where customer inputs some data, like login page, registration, payment processing, checkout etc.

rest I want site to open as normal http://domain.com and not https://domain.com

 

is it all controlled via config files in includes ?

Share this post


Link to post
Share on other sites

Hello I'm about to buy ssl cert. for oscommerce please advice.

 

domain to register for ssl https://domain.com

but I want secure only input pages where customer inputs some data, like login page, registration, payment processing, checkout etc.

rest I want site to open as normal http://domain.com and not https://domain.com

That is the default behavior of osC


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

hi again,

 

like i says with the last version of firefox i have this error

for 2 seconds its'ok like here

with old browsers i don't have problems

i have installed original osc here and ssl work well

 

what can i do?

 

Thanks

Share this post


Link to post
Share on other sites

I looked at the stylesheet and I see nothing that would cause a problem.

 

Image links in the stylesheet won't cause a problem, UNLESS they are hard coded with a http: link

 

None of yours have that. If they did IE would give you problems.

 

I did some investigation and found some info on another forum that the latest Firefox is having problems with some SSL certs. that no other browser does.

 

Consider that.

 

It may be just a temporary problem with your browser, not your web site.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

I looked at the stylesheet and I see nothing that would cause a problem.

 

Image links in the stylesheet won't cause a problem, UNLESS they are hard coded with a http: link

 

None of yours have that. If they did IE would give you problems.

 

I did some investigation and found some info on another forum that the latest Firefox is having problems with some SSL certs. that no other browser does.

 

Consider that.

 

It may be just a temporary problem with your browser, not your web site.

 

 

yes you are right just the last browsers (google, firefox..)

now i delete all the links from .css file to pictures and you will see the diference - are working

can you find it here

what can i do?

 

thanks

Share this post


Link to post
Share on other sites

Exactly what part of "it's a temporary problem with your browser" do you not understand?

:unsure:

 

I looked at the stylesheet - there was nothing it it to interfere with your SSL, despite what your browser is telling you.

 

The site has always worked fine for me and the browsers I use (as I told you several posts ago).

 

Stop using the latest Firefox until they provide an update to fix the problem. That would be one reason why I haven't upgraded my version of Firefox yet - the new version is "buggy".

 

That's what you can do.

:huh:


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

Exactly what part of "it's a temporary problem with your browser" do you not understand?

:unsure:

 

I looked at the stylesheet - there was nothing it it to interfere with your SSL, despite what your browser is telling you.

 

The site has always worked fine for me and the browsers I use (as I told you several posts ago).

 

Stop using the latest Firefox until they provide an update to fix the problem. That would be one reason why I haven't upgraded my version of Firefox yet - the new version is "buggy".

 

That's what you can do.

:huh:

 

and Google Chrome???

all with "buggy"?

Share this post


Link to post
Share on other sites

Hi all,

 

I receive this message when navigating to any page on my site using unsecure.php

 

Suspect code:

<script language="javascript" src="http://littlestork.ca/includes/javascript/jquery.js" type="text/javascript"></script>

 

Suspect code:

<script language="javascript" src="http://littlestork.ca/includes/javascript/jquery.cycle.js" type="text/javascript"></script>

 

Any help would be appreciated.

 

Jonathon

Share this post


Link to post
Share on other sites

×