SSL sub-domain issues

[butterflyo]

Guys, I've ordered the book and it will be 20 days away. After spending 5 hours searching in the forum/wiki/etc - I need some help in getting my SSL working.

I have my store in a subdomain 'store' and the secure SSL is within its own subdomain 'secure'.

Could someone plse point me in the correct direction. Thanks!

error msg: The requested URL //admin/login.php was not found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

define('HTTP_SERVER', 'https://secure.domainname.com');
define('HTTPS_SERVER', 'https://secure.domainname.com');
define('HTTP_CATALOG_SERVER', 'http://www.store.domainname.com');
define('HTTPS_CATALOG_SERVER', 'https://secure.domainname.com');

define('ENABLE_SSL_CATALOG', 'true');
define('ENABLE_SSL_ADMIN', 'true');

define('DIR_WS_ADMIN', '/store/admin/');
define('DIR_WS_CATALOG', '/store/');
define('DIR_WS_HTTPS_ADMIN', '/store/admin/');
define('DIR_WS_HTTPS_CATALOG', '/store/');

define('HTTP_SERVER', 'http://www.store.domainname.com');
define('HTTPS_SERVER', 'https://secure.domainname.com');

define('ENABLE_SSL', 'true');

define('DIR_WS_CATALOG', '/store/');
define('DIR_WS_HTTPS_CATALOG', '/store/');

[kobra]

First off - what complete domain name is your SSL issued to?

Remaining answers depend on the above...

[butterflyo]

Hi Kobra, thanks for responding -

The certificate is set as like this ->
https://secure.domainname.com

I've replaced my store with a generic name, hope thats okay.

[butterflyo]

More information - I've put a htm file into the secure.domainname.com and called up the file - the page displayed along with the golden lock.

Your communication with the server secure.domainname.com is encrypted. Opera has classified the encryption as strong (3).

the server secure.domainname.com has identified itself with an electronic certificate. The certificate is signed and verified by an issuer that is on this browser's list of trusted authorities.

myenv.php only showed this: [same on root & store.domainname.com]

$HTTP_HOST = www.store.domainname.com
$HTTPS_HOST =
getenv('SERVER_PORT') = 80
getenv('HTTPS') =
getenv('HTTP_X_FORWARDED_SERVER') =
getenv('HTTP_X_FORWARDED_HOST') =
getenv('HTTP_X_FORWARDED_BY') =
$_SERVER['HTTPS'] =
getenv('DOCUMENT_ROOT') = /home/xxxx/public_html/store
$DOCUMENT_ROOT = /home/xxxx/public_html/store

put the myenv inside the secure SSL folder

$HTTP_HOST = secure.domainname.com
$HTTPS_HOST =
getenv('SERVER_PORT') = 443
getenv('HTTPS') = on
getenv('HTTP_X_FORWARDED_SERVER') =
getenv('HTTP_X_FORWARDED_HOST') =
getenv('HTTP_X_FORWARDED_BY') =
$_SERVER['HTTPS'] = on
getenv('DOCUMENT_ROOT') = /home/xxx/public_html/secure
$DOCUMENT_ROOT = /home/xxx/public_html/secure

How to set up SSL with zen cart for non-root stores? This is as far as I can get. Hope someone can assist please!
Should the session be set on ID or cookies or ?

[kobra]

The certificate is set as like this ->
https://secure.domainname.com

I actually do not want to know what you are setting this to....

I am asking the what domain the certificate was issued to?

This will not have the htpps: as a prefix but will have been issued to a specific domain name and be either with or without a prefix of www.

[butterflyo]

hi kobra,

it does not have the www prefix.

thanks.

[kobra]

it does not have the www prefix.

so get to it - who is this certificate issued to? exactly...

Post the actual information that is in the certificate as to the "Issued To" CN

[butterflyo]

sorry forgot to include it - please take out the spaces

secure. acres australia .com .au

[kobra]

Code:

define('HTTP_SERVER', 'https://secure.domainname.com');
define('HTTPS_SERVER', 'https://secure.domainname.com');
define('HTTP_CATALOG_SERVER', 'http://www.store.domainname.com');
define('HTTPS_CATALOG_SERVER', 'https://secure.domainname.com');

define('ENABLE_SSL_CATALOG', 'true');
define('ENABLE_SSL_ADMIN', 'true');

define('DIR_WS_ADMIN', '/store/admin/');
define('DIR_WS_CATALOG', '/store/');
define('DIR_WS_HTTPS_ADMIN', '/store/admin/');
define('DIR_WS_HTTPS_CATALOG', '/store/');

From what you posted: red my highlight

Well follow closely as this is convoluted the way you have it

First you are telling it that the files are in secure.domain.com

Then in the next 2 you state that the catalog files are in 2 directories

www.store.domain.com and secure.domain.com

The next 2 are normally set to false as it is not necessary to have your shoppers browse your catalog in secure mode...only login and CC transactions need be secure.

The next you state that admin is in /store/admin/ and the catalog is in /store/ and the secure catalog is in /store/ where earlier you said that it was in htpps://secure.domain.com

About the same issues in the other config

You can move all the files to the secure directory or you can replicate either the catalog files from the store in the secure or the easiest is to spend $16 US and obtain another Cert issued to just the domain.com name and do this like most others do. You can utilize the secure for other things if you have other programs that you will also run on this account....