Re: SSL secure and non-secure items
I also have secure / nonsecure issues on our site.
The worrisome section is here: https://www.vermontyarnco.com/store/ --this bit *should* be secure. So should all the subpages and the GET queries (e.g. http://www.vermontyarnco.com/store/i...ndex&cPath=243 ) but clicking on a category is not sending me to secure pages.
I have checked links to offsite services (such as addthis and google-plus) and converted those to https where needed (in my own templates tpl_footer and tpl_header)
I did alter the includes/configure.php file also, but it does not seem to be fixing the issue:
Code:
// Define the webserver and path parameters
// HTTP_SERVER is your Main webserver: eg-http://www.yourdomain.com
// HTTPS_SERVER is your Secure webserver: eg-https://www.yourdomain.com
define('HTTP_SERVER', 'https://www.vermontyarnco.com');
define('HTTPS_SERVER', 'https://www.vermontyarnco.com');
// Use secure webserver for checkout procedure?
define('ENABLE_SSL', 'true');
I did try Dr. Bytes ssltest.php script and it looked correct (https://www.vermontyarnco.com/store/ssltest.php) it appears teh SSL certificate (this is the first one I've tried t work with) is installed correctly but I am not sure what I need to adjust correctly elsewhere.
Still running 1.3.9 (it was such a timesink to upgrade last time that I haven't found time to do it again)
Could someone give me fresh eyes on this?
Thank you ever so much!
Kir
Re: SSL secure and non-secure items
While you have your SSL setup correctly, you site is NOT designed to be secure for *everything* (which is normal for a ZC store) ...
You will notice if you mouse over Login that this is a secure link with https: in the link ... if you mouse over other things that do not need to be secure you will see http: in the link ...
Re: SSL secure and non-secure items
I've had a lot of problems with my Website following the application of an SSL. Although I have edditted configure.php the url appears in Firefox without "http://" or "https://", but the Page Info advises that it is not encrypted. If I type "https://" in front of the url then the Page Info advises that it is encrypted, but if I leave then return to the page the encryption is lost.
My Website has two distinct sections: my original HTML www.mydomainname.com and a subsequently added Zen Cart shop (v1.5.1), php mydomainname.com. I confess to not knowing why the php shop section does or doesn't take up the “www.”, but is having one section with the “www.” and other without it causing problems when trying to apply the SSL?
Regards
Bob
