Problems with Checkout SSL

[darrenp]

Hello,

I have installed Zen Cart on my own Apache2 webserver. I have bought and installed my SSL certificates, and when I add an HTTPS to my website name, or use the admin panel, I do show a lock in my browser.

However, thats the only time I see it. The website is not going into secure mode when I go to checkout. I am using the AUTHORIZE.NET (AIM) and credit card transactions are going through and being approved and denied. Can somebody give me a hand?

This is a relevant file on my Apache server, have I done something wrong? The SSL admin panel works just fine. Is it my apache config?

Please help, thankyou!

NameVirtualHost *:80
NameVirtualHost *:443


<VirtualHost *:80>

ServerAdmin webmaster@localhost

DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
# This directive allows us to have apache2's default start page
# in /apache2-default/, but still have / go to the right place
RedirectMatch ^/$ /catalog/
</Directory>

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>

ErrorLog /var/log/apache2/error.log

# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn

CustomLog /var/log/apache2/access.log combined
ServerSignature On

Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>

</VirtualHost>

<VirtualHost *:443>

ServerAdmin webmaster@localhost
SSLEngine on
SSLCertificateKeyFile /etc/apache2/www.mustanglighting.com.key
SSLCertificateFile /etc/apache2/www.mustanglighting.com.crt
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
# This directive allows us to have apache2's default start page
# in /apache2-default/, but still have / go to the right place
RedirectMatch ^/$ /catalog/
</Directory>

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>

ErrorLog /var/log/apache2/error.log

# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn

CustomLog /var/log/apache2/access.log combined
ServerSignature On

Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>

</VirtualHost>

Here is some of /includes/configure.php. Do I need to show more?

// Define the webserver and path parameters
// HTTP_SERVER is your Main webserver: eg, http://www.yourdomain.com
// HTTPS_SERVER is your Secure webserver: eg, https://www.yourdomain.com
define('HTTP_SERVER', 'http://www.mustanglighting.com');
define('HTTPS_SERVER', 'https://www.mustanglighting.com');

// Use secure webserver for checkout procedure?
define('ENABLE_SSL', 'TRUE');

// NOTE: be sure to leave the trailing '/' at the end of these lines if you make changes!
// * DIR_WS_* = Webserver directories (virtual/URL)
// these paths are relative to top of your webspace ... (ie: under the public_html or httpdocs folder)
define('DIR_WS_CATALOG', '/catalog/');
define('DIR_WS_HTTPS_CATALOG', '/catalog/');

And here is a bit of /admin/includes/configure.php

define('HTTP_SERVER', 'http://www.mustanglighting.com');
define('HTTPS_SERVER', 'https://www.mustanglighting.com');
define('HTTP_CATALOG_SERVER', 'http://www.mustanglighting.com');
define('HTTPS_CATALOG_SERVER', 'https://www.mustanglighting.com');

// Use secure webserver for catalog module and/or admin areas?
define('ENABLE_SSL_CATALOG', 'true');
define('ENABLE_SSL_ADMIN', 'true');

[darrenp]

Hello,

I have installed Zen Cart on my own Apache2 webserver. I have bought and installed my SSL certificates, and when I add an HTTPS to my website name, or use the admin panel, I do show a lock in my browser.

I've been working on this all day, and at some point, I completely wrecked my cart. It took me a while to piece everything back together. I don't really have any idea what I did, but everything is now working correctly.

I'm sorry I can't share what I did to correct this problem, and thanks if you looked into it.