Enabling SSL Breaks Catalog / Admin

[Famsta]

I've been bashing my head against a wall for a while now, trying to enable SSL within Zencart. Any help or direction to a resource that would answer this question would be GREATLY appreciated...Going through this page is how I got this far to begin with:
https://www.zen-cart.com/tutorials/index.php?article=14

Currently, the Zencart store and admin panel work fine as long as SSL is set to false in include/configuration.php and admin/include/config.php.

I am currently using Zencart Version: v1.3.9h

I've also verified I can get to
https://www.reelhotlures.com and https://reelhotlures.com through my browser without an error, so I'm assuming the SSL is working correctly, but I don't know what's causing Zencart to break once enabled.

I get these error messages when trying to access either while enable SSL is set to 'true':
-------------
Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

More information about this error may be available in the server error log.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at reelhotlures.com Port 443
------------------

Below is what I have for include/configure.php and admin/include/configure.php.

(I should note that I've tried entering both 'reelhotlures.com' and 'www.reelhotlures.com' within their respective http/https server fields, with no luck using either)

include/configure.php:
define('HTTP_SERVER', 'http://reelhotlures.com');
define('HTTPS_SERVER', 'https://reelhotlures.com');

define('ENABLE_SSL', 'true');


admin/include/configure.php:
define('HTTP_SERVER', 'http://reelhotlures.com');
define('HTTPS_SERVER', 'https://reelhotlures.com');
define('HTTP_CATALOG_SERVER', 'http://reelhotlures.com');
define('HTTPS_CATALOG_SERVER', 'https://reelhotlures.com');

define('ENABLE_SSL_CATALOG', 'true');
define('ENABLE_SSL_ADMIN', 'true');

----------------------

I can provide screenshots of how things are set up... Yes, I'm using GoDaddy. From what I have read, that wasn't the best way to go. However, switching my host is not an option at this point.

Here is a screenshot of the SSL cert through GoDaddys panel, so it is registered and active:
(I've blurred out some information on these screenshots because I'm not sure what is sensitive information and what is not)
http://reelhotlures.com/images/example4.jpg

Within my GoDaddy account is a Virtual Dedicated server, that I have the reelhotlures.com site hosted on.
http://reelhotlures.com/images/example2.jpg

On this Virtual Dedicated Server, I also have the SSL hosted and active. If I click on the reelhotlures.com link in this image, it takes me (successfully) to https://reelhotlures.com.
I have also confirmed that going to 'https://WWW.reelhotlures.com' works as well (this is also noted in the zencart faq).
Also, in this screenshot, I have noticed it does say that 'No SSL certificate is currently shared' .... so the SSL SHOULD be a 'DEDICATED' SSL, correct? (I ask because the Zencart FAQ says to verify which type you have, dedicated/shared)
http://reelhotlures.com/images/example3.jpg

And finally, here is a screenshot of the Cpanel for the reelhotlures.com hosted site that is on Virtual Dedicated Server. If I go into the SSL manager, I can see all the keys associated with the SSL. I've noticed it lists the home directory as home/reelhot, but I'm not sure if this should go into the Configure.php files or not. I've also noticed that at the very bottom it lists a 'shared IP address' ... which is the ip address of the virtual dedicated server. I'm not sure if that's important to note.
http://reelhotlures.com/images/example1.jpg

[RescoCCC]

Your Godaddy SSL cert is not installed. Right now, it's a self-cert.

[gilby]

You need a "dedicated" IP address for SSL to work correctly.
Not a "shared" IP

Also see this
http://www.sslshopper.com/ssl-checke...elhotlures.com
and
http://www.sslshopper.com/ssl-checke...elhotlures.com

[Famsta]

Ok, so it appears I left out a step when installing the SSL cert from GoDaddy to my Virtual Dedicated Server. I checked the links you supplied me Gilby, (after I finished installing it), and it appears everything is working for the SSL cert now. So, thank you so much for that.

However, something strange is still going on:

(Using FireFox)
If I go to https://reelhotlures.com, its still saying Verfied by: Not specified, with no blue bar.

HOWEVER, if I go to https://reelhotlures.com/zen_catalog/, I DO get the blue bar, and it's saying verified by GoDaddy. (Which is very refreshing)

Unfortunately, the catalog is still broken while SSL is enabled, and I get the same 'internal server error' message as I posted before. This is the same for the admin page as well. (The blue bar shows up, but I get an error and it doesn't load). I've cleared my cache and cookies, and restarted, but with no luck.

Is this happening because as you said I need a "dedicated" IP? I thought the server HAD a dedicated IP. It's always the same IP to log into the WHM panel.

I DID have to install the cert using the user 'nobody', as it gave me an error when trying to use the site specific username.

Am I pretty much screwed in trying to get this to work with a Virtual Dedicated Server? Or is there still a way around it? I feel like I'm so close to success, but scared I'm going to hit a wall and there's going to be no way to configure because of how it is hosted. :crosses fingers and waits for reply:

[RescoCCC]

Is this happening because as you said I need a "dedicated" IP? I thought the server HAD a dedicated IP. It's always the same IP to log into the WHM panel.

Even if it's a shared IP address it will show the same one. It's showing you the IP address for the server you're on.

[Famsta]

So is it specifically because I have a shared IP that the catalog/admin panel is breaking when enabling SSL? If so, is there ANY way to circumvent that? Or am I basically just screwed, and need to find a different hosting solution?

[selcyis]

Question:

How would I force the https:// when going to the site instead of having it go to http:// ?

[DrByte]

Question:

How would I force the https:// when going to the site instead of having it go to http:// ?

Simple: change your HTTP_SERVER define from starting with 'http://' to start with 'https://' ... well, put the correct URL into it.

If you're using a shared-cert, don't do that, because your customers will see that you're sending them to some other random site and will just quit and go someplace else.

But, unless you've got a solid business reason for making "every" page be https, then don't. Zen Cart already takes care of SSL where it's required. Changing that is overkill and pointless for 95% of all stores. Don't do it unless you know EXACTLY why you're doing it.