Jump to content

Archived

This topic is now archived and is closed to further replies.

seamus75

SSL nightmare

Recommended Posts

I have an SSL cert on my site to use symlink but my problem is that in IE8 when i try to use https:// i get a security warning box which says "Do you want to view only the webpage content that was delivered securely?" and when i click YES my whole page is all messed up with no images showing and content all over the shop. If i click NO my site appears fine so there is nothing wrong with my content.

 

i checked all my images for tep_href_link & tep_image and they appear fine

 

my site works fine in firefox but IE is a disaster of a browser

 

if one image or link is hardcoded with http// will it break the whole site

 

any help would great on what is causing this problem

 

thanks

Share this post


Link to post
Share on other sites

in catalog/includes template_top.php when i remove the following line my site works great with all images and content perfect on https// pages and with no annoying stupid IE warning

 

<base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>" />

 

but im removing something that i aint got a baldies what im removing and which may well be important, it may need to be changed around just.

 

does anyone know what this means or what i should do with it

 

any help wud be great

Share this post


Link to post
Share on other sites

Click the "SSL Implementation Help" link in my signature.

 

Sounds like the store isn't recognizing that SSL is active.

 

Without a URL (by post or PM) that's all I can say/do.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

thanks for your reply

 

i checked everyting and i had all my config settings correct and pointing to https server

 

However in includes/local directory there is a README file which says

This directory contains local configuration information. It also must contain a file named configure.php that can be used to override the defaults set in application_top.php Remember to execute PHP commands the file needs to start with <?php and end with ?>

 

I dont have any configure.php file in it

 

Essentially, the code doesn't realise that the page is SSL and hence loads all images/links in default http instead of https which IE doesnt like hence no images etc

 

so i forced it to use https by adding S after HTTP in catalog/includes template_top.php (shown in red color)

 

<base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTPS_SERVER) . DIR_WS_CATALOG; ?>" />

 

my interpertation is that im overriding the default base url setting so if my site calls an SSL secure https page like login.php its forced to use https for everything on that page images etc

 

SSL now works perfect on my site and displays all content and images in https while on secure https pages

 

if you ask me its a problem in the osc code cause ive everything set correctly

Share this post


Link to post
Share on other sites

The problem is that all servers aren't set up the same so the code needs tailored to fit the server sometimes.

 

The code change you made isn't the correct way to fix the problem (IMHO).


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

well what is then???

 

and thats what i did i taliored the code and corrected the problem

 

it fixed the problem for me cuz my site is working perfect now with https so how is that incorrect. i forced it to use https server URL when on an https page so everything loads in https instead of default

Share this post


Link to post
Share on other sites

I can't tell for sure without the URL.

 

Did you read thru at least the first part of the "SSL Implementation Help" thread?

 

Looks to me like you didn't "fix" it you put a band-aid on the problem.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

It works but it's not fixed correctly.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

Try reading what I said you should read.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

i told u already yur help notes did not help me with my problem

 

your notes are basic config settings which i had already set correctly and which were not the cause of the problem

Share this post


Link to post
Share on other sites

Are you on an IIS (Microsoft Windows) server or an Apache (usually Linux) server? On IIS, the getenv('HTTPS') call in application_top.php may return a '1' instead of the expected 'on', so your system does not recognize that HTTPS is in effect. You might check if your code only checks 'on', and if so, also check for '1'. I'm away from my system right now, so this is all from memory, but it might give you a place to look, even if the details aren't exact.

Share this post


Link to post
Share on other sites

×