Jump to content

Archived

This topic is now archived and is closed to further replies.

Master One

HELP: SSL-access by a separate folder

Recommended Posts

You guys are all crazy.

 

The Bear told you EXACTLY what you do when you have a shared SSL in a DIFFERENT URL than your USUAL URL.

 

You DO NOT copy any files into the SSL folder. You simply edit the configure.php file so that the HTTPs define points to the SSL DIRECTORY, and the HTTP define so that it points to your REGULAR domain.

 

This works perfecty. I used a SHARED SSL, in a different domain that my usual domain ofr over a year. I think it rediculas that you guys tell people that know what they are talking about that they are wrong. It's no wonder that you can't get it to work, when you won't listen.


-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Share this post


Link to post
Share on other sites
@The_Bear

 

Nope, sorry, but you are still thinking about something other.

 

NO, he is not. He knows exactly what you are talking about, and he gave you exactly the right answer.


-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Share this post


Link to post
Share on other sites

Maybe I'm boing stupid here, but I'm not sure if I'm on the same thing here...

 

I have 2 URL's one for the site and have just been given a secure address on a different URL....

 

Have done the config thing... (configure.php)

 

define('HTTP_SERVER', 'http://www.pr-kits.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://secure-websites.com/pr-kits.com/'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

 

And guess what... don't work...

 

When I hit the link for the checkout I get this..

 

https://secure-websites.com/pr-kits.com//ca...ut_shipping.php

 

So what am I doing wrong, Bear says I don't need to copy files round...

 

Please help

 

 

TIA

 

Simon

Share this post


Link to post
Share on other sites

I am having a similar problem, I set all my configure.php files correctly and when I click on checkout I get a 403 error, I don't even get the ssl pop-up window.


If only I was the one helping you...

 

.:::::For complete data-driven and multi-media website creations:::::.

http://www.innocentinnovations.com

 

------------------------

Get instructions, visit the documentation site:

http://wiki.oscommerce.com/Top

Share this post


Link to post
Share on other sites
Maybe I'm boing stupid here, but I'm not sure if I'm on the same thing here...

 

I have 2 URL's one for the site and have just been given a secure address on a different URL....

 

Have done the config thing... (configure.php)

 

define('HTTP_SERVER', 'http://www.pr-kits.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://secure-websites.com/pr-kits.com/'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

 

And guess what... don't work...

 

When I hit the link for the checkout I get this..

 

https://secure-websites.com/pr-kits.com//ca...ut_shipping.php

 

So what am I doing wrong, Bear says I don't need to copy files round...

 

Please help

 

 

TIA

 

Simon

I hate to tell you, but http://www.pr-kits.com/catalogue/checkout_shipping.php doesn't exist either.

 

You do not have to copy any file into your SSL folder.

 

You simply have to set you configuration.php variables correctly.


-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Share this post


Link to post
Share on other sites

On my cart I am getting hit with this when I click on checkout:

 

Forbidden

You don't have permission to access /interior_admin/catalogaccount.php on this server.

 

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.


If only I was the one helping you...

 

.:::::For complete data-driven and multi-media website creations:::::.

http://www.innocentinnovations.com

 

------------------------

Get instructions, visit the documentation site:

http://wiki.oscommerce.com/Top

Share this post


Link to post
Share on other sites
I noticed that one and have put it right... Still doesn't worth though..

 

Simon

Simon, you need to ask your host why this url doesn't work...

 

https://secure-websites.com/pr-kits.com/login.php

 

You are not supposed to ever put files into your SSL folder. In fact you will ifnd that you host probably did not allowcate enough space to put much in there. You are only supposed to use the PATH and the PATH is supposed to point back to your regular website.


-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Share this post


Link to post
Share on other sites

Is there something wrong with my ssl URL?

 

define('HTTP_SERVER', 'http://www.interiorsconsigned.com'); // eg, http://localhost - should not be empty for productive servers

  define('HTTPS_SERVER', 'https://violet.srv2.com/interior_admin/catalog'); // eg, https://localhost - should not be empty for productive servers

  define('ENABLE_SSL', 'true'); // secure webserver for checkout procedure?

  define('HTTP_COOKIE_DOMAIN', 'www.interiorsconsigned.com');

  define('HTTPS_COOKIE_DOMAIN', 'www.interiorsconsigned.com');


If only I was the one helping you...

 

.:::::For complete data-driven and multi-media website creations:::::.

http://www.innocentinnovations.com

 

------------------------

Get instructions, visit the documentation site:

http://wiki.oscommerce.com/Top

Share this post


Link to post
Share on other sites

2 things that are obvious,

 

1st, this is wrong...

 

define('HTTPS_SERVER', 'https://violet.srv2.com/interior_admin/catalog');

 

it should look like

 

define('HTTPS_SERVER', 'https://violet.srv2.com/interior_admin');

 

or

 

define('HTTPS_SERVER', 'https://violet.srv2.com');

 

Dependin on what your host game you as your SSL path.

 

 

2nd, you seem to have permissions set to not allow anyone access. Ask you host.


-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Share this post


Link to post
Share on other sites

Okay, I changed it from define('HTTPS_SERVER', 'https://violet.srv2.com/interior_admin/catalog');

 

To

define('HTTPS_SERVER', 'https://violet.srv2.com/interior_admin');

 

About the permissions, I have set the configure.php files to 644. I have a password protect on the downloads folder (set by default). Apart from that, I don't know what else could be changed to allow access.


If only I was the one helping you...

 

.:::::For complete data-driven and multi-media website creations:::::.

http://www.innocentinnovations.com

 

------------------------

Get instructions, visit the documentation site:

http://wiki.oscommerce.com/Top

Share this post


Link to post
Share on other sites

My server only allows me to save onto the normal folder. I have a SSL cert and this is my Catalog/config setting. I'm having problems with my pictures not switching to secure "https". Some help me with this?

 

Thanks

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.gnarlyparts.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.gnarlyparts.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.gnarlyparts.com');

define('HTTPS_COOKIE_DOMAIN', 'www.gnarlyparts.com');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');


Always looking for a way to improve my sites.

Share this post


Link to post
Share on other sites

Its access to the secure path that's giving you problems.

 

Ask you host about it.


-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Share this post


Link to post
Share on other sites
My server only allows me to save onto the normal folder. I have a SSL cert and this is my Catalog/config setting. I'm having problems with my pictures not switching to secure "https". Some help me with this?

 

Thanks

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.gnarlyparts.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.gnarlyparts.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.gnarlyparts.com');

define('HTTPS_COOKIE_DOMAIN', 'www.gnarlyparts.com');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

Is it your product images that are not switching to SSL, or is it the images you HARDCODED in?


-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Share this post


Link to post
Share on other sites

Neverind, I see that it is all of your images.

 

What is your images directory defined as?\

 

 

EDITED: Opps, I see that as well. Sorry, I have no idea.


-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Share this post


Link to post
Share on other sites
My server only allows me to save onto the normal folder. I have a SSL cert and this is my Catalog/config setting. I'm having problems with my pictures not switching to secure "https". Some help me with this?

 

Thanks

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

  define('HTTP_SERVER', 'http://www.gnarlyparts.com'); // eg, http://localhost - should not be empty for productive servers

  define('HTTPS_SERVER', 'https://www.gnarlyparts.com'); // eg, https://localhost - should not be empty for productive servers

  define('ENABLE_SSL', true); // secure webserver for checkout procedure?

  define('HTTP_COOKIE_DOMAIN', 'www.gnarlyparts.com');

  define('HTTPS_COOKIE_DOMAIN', 'www.gnarlyparts.com');

  define('HTTP_COOKIE_PATH', '/');

  define('HTTPS_COOKIE_PATH', '/');

  define('DIR_WS_HTTP_CATALOG', '/');

  define('DIR_WS_HTTPS_CATALOG', '/');

  define('DIR_WS_IMAGES', 'images/');

  define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

  define('DIR_WS_INCLUDES', 'includes/');

  define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

  define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

  define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

  define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

  define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

Is it your product images that are not switching to SSL, or is it the images you HARDCODED in?

My product images are not switching to SSL.


Always looking for a way to improve my sites.

Share this post


Link to post
Share on other sites
Its access to the secure path that's giving you problems.

 

Ask you host about it.

 

I talked to my host, I was informed that I was not putting the tilde (~) for my ssl url path, and that I needed to include that. I have done so and I am still getting a similar message:

You don't have permission to access /~interior_admin/catalog/checkout_shipping.php on this server.

 

Here are my config settings:

define('HTTP_SERVER', 'http://www.interiorsconsigned.com'); // eg, http://localhost - should not be empty for productive servers

  define('HTTPS_SERVER', 'https://violet.srv2.com/~interior_admin/catalog/'); // eg, https://localhost - should not be empty for productive servers

  define('ENABLE_SSL', 'true'); // secure webserver for checkout procedure?

  define('HTTP_COOKIE_DOMAIN', 'www.interiorsconsigned.com');

  define('HTTPS_COOKIE_DOMAIN', 'www.interiorsconsigned.com');

  define('HTTP_COOKIE_PATH', '/catalog/');

  define('HTTPS_COOKIE_PATH', '');

 

I don't know what is wrong now, do you have any ideas (i bet it's something really simple)?


If only I was the one helping you...

 

.:::::For complete data-driven and multi-media website creations:::::.

http://www.innocentinnovations.com

 

------------------------

Get instructions, visit the documentation site:

http://wiki.oscommerce.com/Top

Share this post


Link to post
Share on other sites
Neverind, I see that it is all of your images.

 

What is your images directory defined as?\

 

 

EDITED: Opps, I see that as well. Sorry, I have no idea.

Can you try my site now. I turned the SSL to true now.. Before when you looked at it, it wasn't in true. Because my site is live I didn't want everyone dealing with pop up secure warnings.

 

As you can see.. it's goes to https but I don't get the lock and I get errors about secure and nonsecure site. I have installed a test php here https://www.gnarlyparts.com/test.php

 

The test works fine.. My admin is secure.. just not the site because of the pictures. Any cures?

 

Thanks

 

Dave


Always looking for a way to improve my sites.

Share this post


Link to post
Share on other sites
Can you try my site now. I turned the SSL to true now.. Before when you looked at it, it wasn't in true. Because my site is live I didn't want everyone dealing with pop up secure warnings.

 

I'm not getting the warning popup now. However, if you do still get it, check all of your hardcoded images, to make sure you don't have any with the http hardcoded in.


-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Share this post


Link to post
Share on other sites

Can you try my site now. I turned the SSL to true now.. Before when you looked at it, it wasn't in true. Because my site is live I didn't want everyone dealing with pop up secure warnings.

 

I'm not getting the warning popup now. However, if you do still get it, check all of your hardcoded images, to make sure you don't have any with the http hardcoded in.

Thanks for the input. I know on Windows XP it doesn't show any pop ups, but on any older version, they will get it. Also, if you notice I don't get the little lock key on the bottom of Exployer and if you check the properties of any picture you will notice that they link from the http side and not the https. Just these little bugs I got to fix then I'm almost ready.

 

Thanks for any help you can give me.

 

Dave


Always looking for a way to improve my sites.

Share this post


Link to post
Share on other sites
any picture you will notice that they link from the http side and not the https.

 

Actually, not all the images are behaving that way. Some of the buttons are displaying properly, with the https.

 

I'm not sure why some images will display properly, and some won't. That is not how that stock OSC behaves.

 

EDIT: Hmmn, now that I try again, it appears that all of your images are not displaying the HTTPS properly.

 

Sorry, I have no idea.


-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Share this post


Link to post
Share on other sites

OK let me get this straight.

 

On NON ssl site set the configuration to

 

define('HTTP_SERVER', 'http://www.YOURDOMAIN.com'); // eg, http://localhost - should not be empty f

define('HTTPS_SERVER', 'https://SECURE.DOMAIN.COM/'); // eg, https://localhost - should not

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

 

The configuration settings of :

define('DIR_WS_HTTP_CATALOG', '/'); // for the Root of your domain

define('DIR_WS_HTTPS_CATALOG', '/yoursecuredirectory/'); //on the secure server

 

 

IS SUPPOSED to automatically

1) switch to the other server

2) bring in the files its supposed to require from the NON-SSL site

3) this also inclues images?

4) never copy any files OR images and have the server CALL the pages and images required and display them through SSL ???

 

Even IF the SSL certificate is a cert that belongs to a domain, but a directory underneath is defined?

 

No way.

 

I'm using Linux on the non-ssl and Windows NT on the SSL side.

 

When the system is directed to go to the NT box for the secure connection , IF I don't copy the files there I get an error! Can't be done. IF I put a copy of the files there, no problemo, BUT this means massive duplication.

 

Here is a copy of my Configuration on the NON-SSL server (running linux with apache):

 

define('HTTP_SERVER', 'http://www.MYDOMAIN.com'); // eg, http://localhost - should not be empty f

define('HTTPS_SERVER', 'https://estores.SECURESERVER.com/'); // eg, https://localhost - should not

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.MYDOMAIN.com');

define('HTTPS_COOKIE_DOMAIN', 'estores.SECURESERVER.com');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', 'MYDOMAIN/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

 

 

No matter what I change, when the system hands off to the SSL connection, I *must* have a complete copy of the files including the images. Otherwise I get the dreaded "SECURE vs NON SECURE" .

 

I'm really interested in knowing IF anyone has something similar to this set up. Maybe its the NT server and how it hands off the certificate? But in all of my SSL days, there never was a "pass through". Everything needs to be in the SSL folder on the SSL server.

 

 

TIA.

 

Nitchimon


------------------------------------------

Nitchimon

 

Motto for today:

I went to school to become a wit. But I only made it half way.

Share this post


Link to post
Share on other sites
OK let me get this straight.

 

On NON ssl site set the configuration to

 

define('HTTP_SERVER', 'http://www.YOURDOMAIN.com'); // eg, http://localhost - should not be empty f

define('HTTPS_SERVER', 'https://SECURE.DOMAIN.COM/'); // eg, https://localhost - should not

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

 

The configuration settings of :

define('DIR_WS_HTTP_CATALOG', '/'); // for the Root of your domain

define('DIR_WS_HTTPS_CATALOG', '/yoursecuredirectory/'); //on the secure server

 

 

IS SUPPOSED to automatically

1) switch to the other server

2) bring in the files its supposed to require from the NON-SSL site

3) this also inclues images?

4) never copy any files OR images and have the server CALL the pages and images required and display them through SSL ???

 

Even IF the SSL certificate is a cert that belongs to a domain, but a directory underneath is defined?

 

No way.

 

I'm using Linux on the non-ssl and Windows NT on the SSL side.

 

When the system is directed to go to the NT box for the secure connection , IF I don't copy the files there I get an error! Can't be done. IF I put a copy of the files there, no problemo, BUT this means massive duplication.

 

Here is a copy of my Configuration on the NON-SSL server (running linux with apache):

 

define('HTTP_SERVER', 'http://www.MYDOMAIN.com'); // eg, http://localhost - should not be empty f

define('HTTPS_SERVER', 'https://estores.SECURESERVER.com/'); // eg, https://localhost - should not

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.MYDOMAIN.com');

define('HTTPS_COOKIE_DOMAIN', 'estores.SECURESERVER.com');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', 'MYDOMAIN/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

 

 

No matter what I change, when the system hands off to the SSL connection, I *must* have a complete copy of the files including the images. Otherwise I get the dreaded "SECURE vs NON SECURE" .

 

I'm really interested in knowing IF anyone has something similar to this set up. Maybe its the NT server and how it hands off the certificate? But in all of my SSL days, there never was a "pass through". Everything needs to be in the SSL folder on the SSL server.

 

 

TIA.

 

Nitchimon

Why are you using Linux and Windows NT on the same server?


Always looking for a way to improve my sites.

Share this post


Link to post
Share on other sites

×