Re: Is your store using shared SSL under suPHP and SuExec?
Schoolboy, Qdixon,
Thank you for your responses. Those are the a) and b) responses that I'm already aware of, however I'm trying to find the technical solution rather then bypassing the issue.
Maybe I just want to prove my web host wrong conclusively before ditching them? I'm certainly not paying for dedicated SSL when shared SSL should work. It's like buying a new new car for full price and the salesman saying "Oh, you want to drive it? OK, you need to buy an engine then - that's extra".
What I'm looking for is:
- Zen Cart users who use shared SSL under suPHP / SuExec and have had no problems, and / or
- Zen Cart users who use shared SSL under suPHP / SuExec and have had this session problem but have found a solution.
Thanks.
Re: Is your store using shared SSL under suPHP and SuExec?
To answer your question directly, a shared SSL Certificate will work on all configurations that were listed in your post.
You must be on the shared SSL ip address and not a dedicated ip; also your host must enable the ability in WHM.
The apache/php configuration has nothing to do with the way virtual host entries are made in the httpd.conf file.
Re: Is your store using shared SSL under suPHP and SuExec?
Thank you Qdixon.
Just a thought - is there anything I can do myself to the session settings in the PHP.ini file to help fix this?
Rat M.
Re: Is your store using shared SSL under suPHP and SuExec?
Qdixon,
I passed your comment to the web host who replied:
The shared IP address of the server is [xxxxx] and the hostname of the server is [yyyyy] and the A record for hostname i.e [yyyyy] is set to point to [xxxxx].
Also, the ssl installed on server is configured as shared ssl under WHM as well.
[xxxxx], [yyyyy] obscured were ip address and https url.
So host thinks it should work, but it does not.
I'm thinking:
a) Can I tweak PHP.ini? or
b) Shall I try a fresh Zen Cart install?
I really would like to know if others are (or are not) having this issue.
Thanks
Ratty.
Re: Problems since host upgraded PHP to suPHP
No it wont help by any of that. The server administrator has a couple options in WHM to allow the use of the server's shared certificate.
In "Manage SSL Hosts" your account must be listed using the shared certificate. If it is listed then you will need to go into SSL/TLS in cpanel and chose to activate the shared certificate.
If SSL/TLS is not in your cpanel, your host will need to do it.
The best option if your host doesn't know how is just to have them submit a support ticket to cpanel and they will direct them to the right place.
Re: Problems since host upgraded PHP to suPHP
Quote:
Originally Posted by
Qdixon
The best option if your host doesn't know how is just to have them submit a support ticket to cpanel and they will direct them to the right place.
:D a very polite way of hinting at a worrying level of incompetence at your hosting company. I wish I had this degree of tact !
Re: Problems since host upgraded PHP to suPHP
I'm still hoping to hear from store owners who use shared SSL under suPHP and Apache Suexec to know if they have or have not had this problem.
Thanks.
The Sumatran RatMonkey
Re: Problems since host upgraded PHP to suPHP
A week now... and no fix to the problem yet? (first post on 1 April).
A week's worth of sales (or rather no sales) ... ?
Why are you persisting with this? Are you not more concerned about running a profitable business?
Re: Problems since host upgraded PHP to suPHP
schoolboy,
Thanks for your concern, however SSL is turned off and I only take PayPal, so transactions are secure anyway over PayPal's SSL servers and the stores are operating fine.
The only risk is that user log in details are not secured. A risk I can bear for the time being.
Rat
Re: Problems since host upgraded PHP to suPHP
DrByte, may I seek your advice once more.
I changd my webhost. The new webhost is also running suPHP and Apache suExec. (Looks like they all are). I have the same problem with shared SSL sessions expiring. Taking the admin area as an example:
if ENABLE_ADMIN_SSL = true
Case A: All four server define entries are set to 'http//www.mysubdomain.com'
Result: Everything works fine.
Case B: All four server define entries are set to 'https//mysharedssl.com/~myaccount/www.mysubdomain.com'
Result: Everything works fine.
Case C:
Two http server define entries are set to 'http//www.mysubdomain.com'
Two https server define entries are set to 'https//mysharedssl.com/~myaccount/www.mysubdomain.com'
Result: Sessions expire. I can log into admin, but when a click a link I get logged out. A similar thing happens in the shop if checkout SSL is enabled. When you click on "go to checkout" then the session expires and I get the "oops your session has expired" message.
It looks like the problem happens when moving between https and http servers.
Any idea what is going on?