Results 1 to 10 of 19

Hybrid View

  1. #1
    Join Date
    Oct 2011
    Posts
    10
    Plugin Contributions
    0

    Default Enabling SSL Breaks Catalog / Admin

    I've been bashing my head against a wall for a while now, trying to enable SSL within Zencart. Any help or direction to a resource that would answer this question would be GREATLY appreciated...Going through this page is how I got this far to begin with:
    http://tutorials.zen-cart.com/index.php?article=14

    Currently, the Zencart store and admin panel work fine as long as SSL is set to false in include/configuration.php and admin/include/config.php.

    I am currently using Zencart Version: v1.3.9h

    I've also verified I can get to
    https://www.reelhotlures.com and https://reelhotlures.com through my browser without an error, so I'm assuming the SSL is working correctly, but I don't know what's causing Zencart to break once enabled.

    I get these error messages when trying to access either while enable SSL is set to 'true':
    -------------
    Internal Server Error

    The server encountered an internal error or misconfiguration and was unable to complete your request.

    More information about this error may be available in the server error log.

    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
    Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at reelhotlures.com Port 443
    ------------------

    Below is what I have for include/configure.php and admin/include/configure.php.

    (I should note that I've tried entering both 'reelhotlures.com' and 'www.reelhotlures.com' within their respective http/https server fields, with no luck using either)

    include/configure.php:
    define('HTTP_SERVER', 'http://reelhotlures.com');
    define('HTTPS_SERVER', 'https://reelhotlures.com');

    define('ENABLE_SSL', 'true');


    admin/include/configure.php:
    define('HTTP_SERVER', 'http://reelhotlures.com');
    define('HTTPS_SERVER', 'https://reelhotlures.com');
    define('HTTP_CATALOG_SERVER', 'http://reelhotlures.com');
    define('HTTPS_CATALOG_SERVER', 'https://reelhotlures.com');

    define('ENABLE_SSL_CATALOG', 'true');
    define('ENABLE_SSL_ADMIN', 'true');

    ----------------------

    I can provide screenshots of how things are set up... Yes, I'm using GoDaddy. From what I have read, that wasn't the best way to go. However, switching my host is not an option at this point.

    Here is a screenshot of the SSL cert through GoDaddys panel, so it is registered and active:
    (I've blurred out some information on these screenshots because I'm not sure what is sensitive information and what is not)
    http://reelhotlures.com/images/example4.jpg

    Within my GoDaddy account is a Virtual Dedicated server, that I have the reelhotlures.com site hosted on.
    http://reelhotlures.com/images/example2.jpg

    On this Virtual Dedicated Server, I also have the SSL hosted and active. If I click on the reelhotlures.com link in this image, it takes me (successfully) to https://reelhotlures.com.
    I have also confirmed that going to 'https://WWW.reelhotlures.com' works as well (this is also noted in the zencart faq).
    Also, in this screenshot, I have noticed it does say that 'No SSL certificate is currently shared' .... so the SSL SHOULD be a 'DEDICATED' SSL, correct? (I ask because the Zencart FAQ says to verify which type you have, dedicated/shared)
    http://reelhotlures.com/images/example3.jpg

    And finally, here is a screenshot of the Cpanel for the reelhotlures.com hosted site that is on Virtual Dedicated Server. If I go into the SSL manager, I can see all the keys associated with the SSL. I've noticed it lists the home directory as home/reelhot, but I'm not sure if this should go into the Configure.php files or not. I've also noticed that at the very bottom it lists a 'shared IP address' ... which is the ip address of the virtual dedicated server. I'm not sure if that's important to note.
    http://reelhotlures.com/images/example1.jpg

  2. #2
    Join Date
    May 2010
    Location
    WA State
    Posts
    1,675
    Plugin Contributions
    2

    Default Re: Enabling SSL Breaks Catalog / Admin

    Your Godaddy SSL cert is not installed. Right now, it's a self-cert.
    The best way to learn is to try stuff. But, back it up first.

  3. #3
    Join Date
    Aug 2005
    Location
    Vic, Oz
    Posts
    1,672
    Plugin Contributions
    5

    Default Re: Enabling SSL Breaks Catalog / Admin

    You need a "dedicated" IP address for SSL to work correctly.
    Not a "shared" IP

    Also see this
    http://www.sslshopper.com/ssl-checke...elhotlures.com
    and
    http://www.sslshopper.com/ssl-checke...elhotlures.com

  4. #4
    Join Date
    Oct 2011
    Posts
    10
    Plugin Contributions
    0

    Default Re: Enabling SSL Breaks Catalog / Admin

    Ok, so it appears I left out a step when installing the SSL cert from GoDaddy to my Virtual Dedicated Server. I checked the links you supplied me Gilby, (after I finished installing it), and it appears everything is working for the SSL cert now. So, thank you so much for that.

    However, something strange is still going on:

    (Using FireFox)
    If I go to https://reelhotlures.com, its still saying Verfied by: Not specified, with no blue bar.

    HOWEVER, if I go to https://reelhotlures.com/zen_catalog/, I DO get the blue bar, and it's saying verified by GoDaddy. (Which is very refreshing)

    Unfortunately, the catalog is still broken while SSL is enabled, and I get the same 'internal server error' message as I posted before. This is the same for the admin page as well. (The blue bar shows up, but I get an error and it doesn't load). I've cleared my cache and cookies, and restarted, but with no luck.

    Is this happening because as you said I need a "dedicated" IP? I thought the server HAD a dedicated IP. It's always the same IP to log into the WHM panel.

    I DID have to install the cert using the user 'nobody', as it gave me an error when trying to use the site specific username.

    Am I pretty much screwed in trying to get this to work with a Virtual Dedicated Server? Or is there still a way around it? I feel like I'm so close to success, but scared I'm going to hit a wall and there's going to be no way to configure because of how it is hosted. :crosses fingers and waits for reply:

  5. #5
    Join Date
    May 2010
    Location
    WA State
    Posts
    1,675
    Plugin Contributions
    2

    Default Re: Enabling SSL Breaks Catalog / Admin

    Is this happening because as you said I need a "dedicated" IP? I thought the server HAD a dedicated IP. It's always the same IP to log into the WHM panel.
    Even if it's a shared IP address it will show the same one. It's showing you the IP address for the server you're on.
    The best way to learn is to try stuff. But, back it up first.

  6. #6
    Join Date
    Oct 2011
    Posts
    10
    Plugin Contributions
    0

    Default Re: Enabling SSL Breaks Catalog / Admin

    So is it specifically because I have a shared IP that the catalog/admin panel is breaking when enabling SSL? If so, is there ANY way to circumvent that? Or am I basically just screwed, and need to find a different hosting solution?

  7. #7
    Join Date
    Mar 2009
    Posts
    84
    Plugin Contributions
    0

    Default Re: Enabling SSL Breaks Catalog / Admin

    Question:

    How would I force the https:// when going to the site instead of having it go to http:// ?

  8. #8
    Join Date
    Jan 2004
    Posts
    60,441
    Blog Entries
    4
    Plugin Contributions
    51

    Default Re: Enabling SSL Breaks Catalog / Admin

    Quote Originally Posted by selcyis View Post
    Question:

    How would I force the https:// when going to the site instead of having it go to http:// ?
    Simple: change your HTTP_SERVER define from starting with 'http://' to start with 'https://' ... well, put the correct URL into it.

    If you're using a shared-cert, don't do that, because your customers will see that you're sending them to some other random site and will just quit and go someplace else.

    But, unless you've got a solid business reason for making "every" page be https, then don't. Zen Cart already takes care of SSL where it's required. Changing that is overkill and pointless for 95% of all stores. Don't do it unless you know EXACTLY why you're doing it.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donations always welcome: www.zen-cart.com/donate

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.



 

 

Similar Threads

  1. Catalog/Admin panel breaks when turning on SSL
    By Famsta in forum Installing on a Linux/Unix Server
    Replies: 2
    Last Post: 28 Oct 2011, 04:31 PM
  2. Enabling coupons in my store breaks Express Checkout?
    By SHSLtd in forum PayPal Express Checkout support
    Replies: 6
    Last Post: 12 May 2010, 06:48 PM
  3. Enabling login Column Box Breaks my site
    By kepford in forum Basic Configuration
    Replies: 0
    Last Post: 14 Jul 2008, 02:42 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •