I am with Melanie:
also see:Fact is, a 256 bit domain validated SSL will cost you $10.00 and there is not reason to mess around with shared SSLs.
~Melanie
http://www.zen-cart.com/forum/showthread.php?t=147054
I am with Melanie:
also see:Fact is, a 256 bit domain validated SSL will cost you $10.00 and there is not reason to mess around with shared SSLs.
~Melanie
http://www.zen-cart.com/forum/showthread.php?t=147054
My host does not have a ssl manager nor CSR nor CRT. It only has GnuPG. Can you recommend a low cost host that supports zencart with a private ssl?
In the meantime, I will have the checkout over http since paypal is secure. I was just hoping I could use the shared ssl to make the cusomers able to checkout and enter their registration information over https, I guess it is not possible with a shared ssl in my case.
No you can't do SSL on shared hostingReally? Since when can't you use a shared SSL? And with a dedicated IP you can even have a dedicated SSL certificate on a shared host ... at least last I checked.
Please do not PM for support issues: a private solution doesn't benefit the community.
Be careful with unsolicited advice via email or PM - Make sure the person you are talking to is a reliable source.
This statement is actually WRONG.
Shared ssl url is very possible.
We offer it on almost all of our accounts
It isnt as pretty as a dedicated ssl cert but works just as well
as to not needing one this is technically correct, however the public is programmed that they need to look for the little lock when they enter their personal details.
Zen cart PCI compliant Hosting
A shared ssl should work. Right. So back to my original question, how do I fix the "your session has timed out" when checkout is clicked. The problem only happens when ssl is enabled.
I applied this fix from a bug fix that was for php version 4 even though mine is 5.2.12 that was suggested to be put after "regenerate" to originally fix an admin logout problem:
So now instead of a "session expired" error, I get a "browser cannot display the webpage" error. But at least it is putting the https now when clicking on checkout.Code:setcookie( session_name(), session_id(), ini_get("session.cookie_lifetime"), "/" );
"https://nommos.sslcatacombnetworking.com~revelati/zencart/index.php?main_page=checkout_shipping&zenid=d94cc586b9915b9d95cedd071a3e59d9"
Looks like I'm making progress with this. Any of you gurus have any ideas to get the page fixed? It could still be a problem with nonsecure items and relative paths, but all my paths are relative as shown in my other post.
wondering if this line is correct:
define('DIR_FS_CATALOG', '/home/revelati/public_html/zencart
some virtual paths have home and some just have /zencart/ ????
Last edited by ramblin54321; 13 Feb 2010 at 01:35 AM.
This code in checkout shipping is where it is stuck.
Maybe it's a Zencart bug with the link not giving the path to the login file?Code:// validate customer if (zen_get_customer_validate_session($_SESSION['customer_id']) == false) { $_SESSION['navigation']->set_snapshot(array('mode' => 'SSL', 'page' => FILENAME_CHECKOUT_SHIPPING)); zen_redirect(zen_href_link(FILENAME_LOGIN, '', 'SSL'));
Nope. Red herring. If it had the wrong path, you wouldn't be sent back to a Zen Cart page.
Almost all SSL-related issues, including timeouts, are a result of an improperly-installed SSL certificate, or busted cookies in the browser, or busted browser security settings (IE8 is biggest culprit there), or someone has mussed with the session code or has changed the session settings in the admin from their default values.
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
No, not a Zen Cart bug or there wouldn't be thousands and thousands of shops operating correctly.
It is not allowing your to login because your SSL is not right.
Please do not PM for support issues: a private solution doesn't benefit the community.
Be careful with unsolicited advice via email or PM - Make sure the person you are talking to is a reliable source.