Results 1 to 5 of 5
  1. #1
    Join Date
    Jan 2006
    Posts
    23
    Plugin Contributions
    0

    Default SSL being a right nightmare!!!!

    Agggghh, my head hurts.

    Ive been building a webshop for my work for a while now and the final step i need to take with it is the SSL. However im having a right nightmare with it.

    I wanted to have the secured server at the domain http://secure.martinbrownpaints.net

    And the normal catalouge is at
    http://martinbrownpaints.net/shop

    A few weeks ago i got a trial comodo cert and went to install through cpanel. I made a sub domain for the secured side - secure.martinbrownpaints.net and then sorted the dns out and installed the cert through cpanel. However, it didnt work. I had a look through httpd.conf and cpanel hadent written the relevant data to it for the ssl to work. So i did a little work around creating a new virtual host for it. Bear in mind the whole site was running of its own ip addy at the time. This cured the problem. I set the configure.php files to have the https at https://martinbrownpaints.net/~mbpaints and it worked. I was however concerned about doing the patch in httpd.conf as i assumed cpanel would do this for me.

    I contacted my data center and they told me that this was a bad idea as i may break my apache config. And that the ip addresses had conflicts. I was told to delete the sub domain and then create a new acount for the sub domain through whm and then set that to the spare ip and have the standard site running off the other ip. This seams strange to me, but ive gone ahead and done all these changes.

    Ive bought a cert and installed it on the secure.martinbrownpaints.net acount and then put the catalouge in the root dir. I then changed the configure.php files to https://martinbrownpaints.net/~mbsecure (This is the new username)

    And now it doesnt work at all. See what i mean and click login - www.martinbrownpaints.net/shop

    I really do not have a clue about what is wrong with the config. Any help would be really appricieated!!!!!

  2. #2
    Join Date
    Aug 2005
    Location
    Arizona
    Posts
    27,755
    Plugin Contributions
    9

    Default Re: SSL being a right nightmare!!!!

    Do you really want your catalog to be run in the secure environment?

    The settings in the configure.php files will switch to the secure environ upon payment and this is normally what is done.

    You have most likely not set all the url pointers in the configure.php when you moved the catalog files and it is now having trouble finding the files and looking for them at http://martinbrownpaints.net/shop

    Search your files for the term "/shop" and see if this might be one of your problems.
    Zen-Venom Get Bitten

  3. #3
    Join Date
    Jan 2006
    Posts
    23
    Plugin Contributions
    0

    Default Re: SSL being a right nightmare!!!!

    Quote Originally Posted by kobra
    Do you really want your catalog to be run in the secure environment?

    The settings in the configure.php files will switch to the secure environ upon payment and this is normally what is done.

    You have most likely not set all the url pointers in the configure.php when you moved the catalog files and it is now having trouble finding the files and looking for them at http://martinbrownpaints.net/shop

    Search your files for the term "/shop" and see if this might be one of your problems.
    Thats what im trying to do. Enable SSL checkout, which also switches to ssl for logins. I tried what you said but still have the same problem? Can you suggest anything else?

    Thanks for the help. :)

  4. #4
    Join Date
    Jan 2004
    Posts
    66,446
    Plugin Contributions
    81

    Default Re: SSL being a right nightmare!!!!

    Might be advisable to have your hosting company take care of it ... they're the ones with the knowledge of how their system is set up ... and generally should have the skills to do this for you.

    You don't want your secured content being served from a different server or account or file structure other than your non-secured content. It should all point to the same place.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  5. #5
    Join Date
    Jan 2006
    Posts
    23
    Plugin Contributions
    0

    Default Re: SSL being a right nightmare!!!!

    Manged to get this sorted now so i thought id post up how i did it for others reference.

    I decided to throw away what my data center had said and deleted the spperate acount for the secure subdomain. Then i created the new subdomain on the main domains cpanel and set up the redirection. I then went and sorted out the dns, and put the whole site on a sepperate ip.

    Then i went into the shell and went back to my manually patched version of httpd.conf to add in the sub domain and SSL details and restarted apache.

    After this i found that the site worked and the subdomain worked on SSL, but it came with an error prompt saying that the cert was not issued by a valid company. Looking through a few sites i found out that this is a comon problem with WHM and intermediate certs, and all i needed to know was this -

    -------------------------------------------------------------
    Many cPanel versions won't allow proper installation of intermediate certificates via the WHM. That's why we recommend that you use the following manual installation method. This method works 100% of the time with WHM/cPanel.
    To complete the installation, you will need the sslbundle.crt file from the ZIP file that was e-mailed to you when your certificate was issued. If you have misplaced it, don't worry - you can download it below:

    Download the XRamp intermediates here.


    Save the sslbundle.crt file to a directory on your server, and be sure to note the directory path. Generally, you can find Apache's configuration file in /etc/httpd/conf/httpd.conf, but you may need to search for it. Sometimes the SSL configurations are in a file called ssl.conf.

    Open the configuration file in a text editor and search for the virtual host. You can search by your server's address or IP address. Once you find the virtual host which matches your host, look for two lines that start with SSLCertificateFile and SSLCertificateKeyFile. Add (or adjust) a line right below those two that should read:

    SSLCACertificateFile /path/sslbundle.crt

    Save and close the configuration file.
    --------------------------------------------------------

    After an apache restart it works perfectly.

    Hope this helps anyone who has similar issues....

 

 

Similar Threads

  1. SSL nightmare on GoDaddy v1.3.8a
    By kathis in forum General Questions
    Replies: 1
    Last Post: 24 Aug 2010, 12:53 PM
  2. CSS not being read from a shared SSL
    By kageosx in forum Templates, Stylesheets, Page Layout
    Replies: 5
    Last Post: 10 Nov 2009, 12:55 PM
  3. SSL not set up right
    By vinyardo in forum Installing on a Linux/Unix Server
    Replies: 13
    Last Post: 12 Oct 2007, 02:12 PM
  4. enable ssl being ignored
    By jonathan_pohl in forum General Questions
    Replies: 7
    Last Post: 17 Aug 2006, 03:09 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg