Trouble with Shared SSL Certificate Set-Up

[SilverHD]

Hello:

I am having trouble with my SSL. I am using a shared SSL certificate. I thought I had both configure files set up correctly but I am still getting an error that the website does not supply ownership information and that the connection is not encrypted. When I place https://www.mygiftsite.com into the address bar the site map shows up. I am able to go to the actual site by clicking on “Home.”

The define path parameters that I have set up for includes/configure.php are:

define('HTTP_SERVER', 'http://www.mygiftsite.com');
define('HTTPS_SERVER', 'URL for my certificate’);

// Use secure webserver for checkout procedure?
define('ENABLE_SSL', 'true');

The define path parameters that I have set up for admin/includes/configure.php are:

define('HTTP_SERVER', 'http://www.mygiftsite.com');
define('HTTPS_SERVER', 'URL for my certificate');
define('HTTP_CATALOG_SERVER', 'http://www.mygiftsite.com');
define('HTTPS_CATALOG_SERVER', 'https://www.mygiftsite.com');

// secure webserver for admin? Valid choices are 'true' or 'false' (including quotes).
define('ENABLE_SSL_ADMIN', 'true');

// secure webserver for storefront? Valid choices are 'true' or 'false' (including quotes).
define('ENABLE_SSL_CATALOG', 'true');


I apparently don’t have this set correctly or something else is wrong. Can someone put me on the right path?

Thanks much for your help,

Silver

[soxophoneplayer]

Here's part of what my zc 1.5.5a admin config has in it (with actual names changed):

Code:

 * Enter the domain for your Admin URL. If you have SSL, enter the correct https address in the HTTP_SERVER setting, instead of just an http address.
 */
define('HTTP_SERVER', 'https://myservernumberoncamelot-hosting.com/~myusername');
/**
 * Note about HTTPS_SERVER:
 * There is no longer an HTTPS_SERVER setting for the Admin. Instead, put your SSL URL in the HTTP_SERVER setting above.
 */

/**
 * Note about DIR_WS_ADMIN
 * The DIR_WS_ADMIN value is now auto-detected.
 * In the rare case where it cannot be detected properly, you can add your own DIR_WS_ADMIN definition below.
 */

/**
 * Enter the domain for your storefront URL.
 * Enter a separate SSL URL in HTTPS_CATALOG_SERVER if your store supports SSL.
 */
define('HTTP_CATALOG_SERVER', 'https://myservernumberoncamelot-hosting.com/~myusername');
define('HTTPS_CATALOG_SERVER', 'https://myservernumberoncamelot-hosting.com/~myusername');

/**
 * Do you use SSL for your customers login/checkout on the storefront? If so, enter 'true'. Else 'false'.
 */
define('ENABLE_SSL_CATALOG', 'false');

/**
 * These DIR_WS_xxxx values refer to the name of any subdirectory in which your store is located.
 * These values get added to the HTTP_CATALOG_SERVER and HTTPS_CATALOG_SERVER values to form the complete URLs to your storefront.
 * They should always start and end with a slash ... ie: '/' or '/foldername/'
 */
define('DIR_WS_CATALOG', '/');
define('DIR_WS_HTTPS_CATALOG', '/');

/**
 * This is the complete physical path to your store's files.  eg: /var/www/vhost/accountname/public_html/store/
 * Should have a closing / on it.
 */
define('DIR_FS_CATALOG', '/home/myusername/public_html/');

Note that myusername isn't my store name or store url - it's my username/account name on the shared server at my hosting company.
Note also that myusername is preceded with a '~' in the first three instances, but not the last. I have no idea why, but this is what works ;o)
And also note that my http server is also defined by me with https, not http.

For the enable ssl - if you set that to true, then the site will switch to ssl only on certain pages determined by the zen cart - ie shopping cart, checkout - the higher risk pages. For everything else it goes to non ssl. So to make your entire site ssl you set that to false.

I got these instructions from a faq on my server's web site. Didn't know/understand about it for years. Even then the instructions were difficult for me to follow but eventually got it sorted with many trials and errors. What a pain!

The set up above gives me ssl for everything EXCEPT the landing main page if someone types http: when looking for it. In that case they land on a non-ssl main page but anything they click thereafter is ssl. I resolved this last issue with help from the forum - creating an htaccess redirect following the example in the 'extras' folder of the zencart file package.

My specific server name, user name etc are all visible on my c-panel.

[SilverHD]

soxophoneplayer:

It appears as though v.155a does not have both configure files as does v.154 which makes this even more confusing. You can see how v.154 is set up by what I have shown above. Not sure at this point if they are similar or not?

Silver

[SilverHD]

Hello again,

I just found out that I have a dedicated SSL certificate and have made the appropriate changes. I have made the other changes that you recommended soxophoneplayer, so thank you. I am still getting the same error messages and can't figure out why. I am currently online with my host to try to figure this out. Any other help is appreciated.

Silver

[DrByte]

soxophoneplayer:

It appears as though v.155a does not have both configure files as does v.154

Um, yes, v155 requires 2 configure.php files, just like v154 did. Their contents are significantly different, and zc_install automatically updates their structure during an upgrade.

But, the defines which you must edit are indeed the same: on storefront: HTTPS_SERVER, DIR_WS_HTTPS_CATALOG, ENABLE_SSL
And on the admin: HTTP_SERVER only. (It ignores HTTPS_SERVER and ENABLE_SSL_ADMIN, because on the Admin you just put your SSL URL in HTTP_SERVER. Admin only)

[SilverHD]

Dr. Byte:

Thank you for your response, but, as I said earlier, I have been in contact with my host and still have not solved the problem with the error that I am receiving. You can see it for yourself. Just call up the site at https://www.mygiftsite.com and you will see the normal lock with the exception of the small orange triangle at the bottom right. If you hover over it, you will see that it says, “This website does not supply identity information.” If you click on it, it will say that the connection is not secure. If you click further, you will see additional information that will go against the idea that there should be an SSL connection.

This is what I was told by my host: “For the SSL certificate of mygiftsite.com, the SSL certificate is installed successfully and passes all checks without error. Otherwise, I had earlier observed that the default redirect behavior of mygiftsite.com at the time was still set to load from the standard non-secure protocol (i.e. http://) and not the secure protocol (https://) for SSL certificate functionality. That has now been corrected such that typing to mygiftsite.com redirects to https://www.mygiftsite.com/.”

“So at this point, I see that in the browser it is reporting that the site is secure, albeit flagging up a warning regarding the use of mixed content in your site's pages which is outsourcing from a network location(s) that is not secure. The content sourced from your cPanel account containing mygiftsite.com within our company is fine and secure, but the problem of mixed content in question is a problem solely within how the developer created the website in question in the website's source code. Thus it would have to be the responsibility of the developer of the website to troubleshoot their source code. If the website uses third-party plugins or code, then please contact the developers of that content. Our technical support does not cover errors existing within custom source code of a website.”

As you can see, I am at an impasse and don’t quite know what to do. I need to somehow eliminate this error or I won’t be able to attract customers. Any assistance is greatly appreciated.

Thanks,

Silver

[DrByte]

flagging up a warning regarding the use of mixed content in your site's pages

See This page contains both secure and nonsecure items (or "Unauthenticated content" or "connection partially encrypted").