Thread: Ssl?

Page 1 of 2 12 LastLast
Results 1 to 10 of 11
  1. #1
    Join Date
    Jul 2009
    Posts
    29
    Plugin Contributions
    0

    Default Ssl?

    I'm not quite sure if this thread belongs here, so just let me know if it needs to be moved.

    I'm trying to figure out how to use SSL in Zencart, and unfortunately seem to be getting stuck in the basics. I'm using Yahoo to web host and have created an ssl subdirectory and have what I assume is a shared certificate.

    My site is www.serwachic.com/shop

    My question is - where the heck do I put the ssl subdirectory? Do I need to put all of my "shop" files into that subdirectory? Does it just need to be in serwachic.com? Oy - I'm sure this is beginner's stuff.

    And in what seems to be related - when I go to click on "log in" on my site, Firefox gives the message:
    Firefox doesn't know how to open this address, because the protocol (httpshttps) isn't associated with any program.

  2. #2
    Join Date
    Nov 2006
    Posts
    48
    Plugin Contributions
    0

    Default Re: Ssl?

    Hi,

    Have you tried looking here?

    https://www.zen-cart.com/tutorials/index.php?article=14

    Regards

    Chris

  3. #3
    Join Date
    Jul 2009
    Posts
    29
    Plugin Contributions
    0

    Default Re: Ssl?

    I did - and that is a helpful tutorial, but I think the problem I'm having is with Step 1. When creating the ssl subdirectory, I'm just a little lost as to where to put it.

    If I create it outside of my /shop folder, I get this: https://p4.secure.hostingprod.com/@w...achic.com/ssl/

    I tried making an index.html page inside /shop/ssl and linking that page to www.serwachic.com/shop, but when I did that - I lost the (s) in https and that was when I started having an issue with the log-in.

    If I create it inside my /shop folder, I get an error message when I try to access it.

  4. #4
    Join Date
    Jan 2004
    Posts
    66,446
    Plugin Contributions
    81

    Default Re: Ssl?

    You have a few options:

    1. Don't use SSL (not a recommended approach)

    2. Make a complete copy of your entire store's /shop/ folder ALSO inside your /ssl/ folder, AND keep it up to date anytime you add a file/image/addon/etc to the non-ssl folder. This makes for a lot of work and a lot of things to go wrong, and consumes double the disk space in your hosting account.

    3. Get the hosting company to create a "symlink" from your /ssl/ folder to point to your /shop/ folder. This would be ideal ... but I wouldn't be surprised if they say no unless you push all the way to the top of several levels of tech support staff.

    4. Use a more traditional hosting company whose servers are designed to give *you* control, not force you into someone else's way of thinking. See the "Certified Hosts" link at the top of this page for suggestions.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  5. #5
    Join Date
    Jul 2009
    Posts
    29
    Plugin Contributions
    0

    Default Re: Ssl?

    Thanks for your quick response and explaining what I need to do so well - Unfortunately, I've already paid a year's fees for Yahoo - so as much as it sounds like it's going to be a huge (ugh...huge) inconvenience, looks like I have to go with #2.

    Bleck.

  6. #6
    Join Date
    Jan 2004
    Posts
    66,446
    Plugin Contributions
    81

    Default Re: Ssl?

    Shoot for #3 if you can convince them. It's not an uncommon thing.

    They're clearly gearing their hosting to basic simple page-based websites where only a few actual files are served over SSL, and not towards advanced script-driven sites like Zen Cart where all the processing runs from one main file based on the visitor's clicks, selections, and needs.

    If you do go with #2, you'll have to make sure your sets of configure.php files are kept separate, since the ones in your ssl folder will have slightly different things than your non-ssl couterparts. Other than that all other files should be the same in both sets.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  7. #7
    Join Date
    Jul 2009
    Posts
    29
    Plugin Contributions
    0

    Default Re: Ssl?

    Okay, so I'll try calling on Monday, 'cause I'm all about not having to have two sets of shops. Just to make sure I know what I'm talking about when I go to call and don't make a complete fool of myself:

    I need to create a /ssl folder that it outside of my /shop folder, and ask if they will create a symlink from the /ssl to the /shop? Does the term "symlink" go by any other name? Any thoughts on what I could say to convince them?

    Again, thank you so much for your help.

  8. #8
    Join Date
    Jan 2004
    Posts
    66,446
    Plugin Contributions
    81

    Default Re: Ssl?

    Well ... it seems, according to the documentation I saw on their website, that their SSL service *only* works by pointing to the /ssl/ folder in your webspace.

    If you can get them to serve SSL content from any other folder, such as /shop/ that'd be great. A symlink is one way one could do that.

    "Symlink" is short for "symbolic link": http://en.wikipedia.org/wiki/Symbolic_link They should understand what it is.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  9. #9
    Join Date
    Jul 2009
    Posts
    29
    Plugin Contributions
    0

    Default Re: Ssl?

    Yeah, as I was poking around, I found this:

    A symlink, or "symbolic link," is a type of entry that can be used in Unix-based computer systems to refer to another file or directory. The symlink is an alias for the other file or directory, and can in some cases function as a shortcut to that element. Symlinks are sometimes used to help navigate complicated file systems or to trick restrictive software applications into interpreting files a certain way. Yahoo! does not support the use of symlinks on members' sites.
    Boo for that. I still plan on calling, anyway. Worst that can happen is they tell me, "no."

  10. #10
    Join Date
    Jan 2004
    Posts
    66,446
    Plugin Contributions
    81

    Default Re: Ssl?

    Quote Originally Posted by serwachic View Post
    Symlinks are sometimes used to help navigate complicated file systems or to trick restrictive software applications into interpreting files a certain way.
    LOL ... they should reword that to talk about restrictive HOSTS forcing software to operate in a certain way!
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

 

 
Page 1 of 2 12 LastLast

Similar Threads

  1. v150 Question Re: POODLE SSL Vulnerability vs if I have no SSL certificate on my store
    By vandiermen in forum Built-in Shipping and Payment Modules
    Replies: 4
    Last Post: 16 Oct 2014, 12:43 AM
  2. Replies: 2
    Last Post: 15 Jun 2012, 12:18 AM
  3. user gets kicked off between ssl and non ssl
    By keneso in forum General Questions
    Replies: 9
    Last Post: 10 Aug 2011, 12:36 AM
  4. Should I go for dedicated SSL or free shared SSL? What's the deal?
    By calvinrobinson in forum General Questions
    Replies: 3
    Last Post: 28 Oct 2010, 03:00 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg