Need Help Properly Applying SSL to Checkout

**jmcqueen** · 4 Nov 2007, 06:46 PM

cgolberg:
did ajeh's post fix your problem?
john

**cgoldberg** · 4 Nov 2007, 07:01 PM

Sure did - not sure how the line got there as it was at the bottom of the code, but it did
Thanks!

**Bahnstoermer** · 13 Nov 2007, 01:18 AM

Originally Posted by DrByte

I'm afraid the advice you were given earlier is misleading. The YOURDIRECTORY part should probably be in the DIR_WS_CATALOG and DIR_WS_ADMIN instead of the HTTP_SERVER ... and similarly for the HTTPS entries.

It works like this:

For Catalog addresses, the HTTP_SERVER and DIR_WS_CATALOG are combined to make the non-SSL URL to your site.
And HTTPS_SERVER and DIR_WS_HTTPS_CATALOG are combined to make the SSL URL.

For Admin addresses, the HTTP_SERVER and DIR_WS_ADMIN make the non-SSL URL and the HTTPS_SERVER and DIR_WS_HTTPS_ADMIN make the SSL URL.
(The catalog references in the admin configure.php file operate similarly.)

Basically, the DIR_WS_xxxxx entries would contain the common foldername where your site is stored. In most situations, this is a foldername "under" the "public_html" folder.

If you have a shared-SSL setup, you should put the entire special shared URL in the HTTPS_SERVER line, but leave the "common" folder path in the DIR_WS_xxxxx line.

ie:
HTTPS_SERVER could be "https://your_site.com" and DIR_WS_CATALOG "/zencartfolder/".
or
HTTPS_SERVER could be "https://my_hosts_shared_server/~myusername" and DIR_WS_CATALOG would still be "/zencartfolder/" or DIR_WS_ADMIN would be "/zencartfolder/admin/"

Dr. Byte -

Thanks for your explanation. I have two things that have caused me to bring this back up.
1) I am told the SSL I have is not a shared set up.
2) I haven't implemented something quite right, because while doing general site testing I discovered that when clicking on an order confirmation link sent from my store, the page is not found due to an improper link. The same error occurred elsewhere and was related to my SSL code. What happens is that I'm getting a link in the email that is:

Code:

https://*****.com/catalog/catalog/index.php?main_page=account_history_info&order_id=2496

instead of...

Code:

https://******.com/catalog/index.php?main_page=account_history_info&order_id=2496

Please note that I happened to rename my entire zencart folder to /catalog which is now a funny situation for troubleshooting this. If I need to provide actual link, I will be happy to PM it.

My code now looks like:

Code:

 */
  define('HTTP_SERVER', 'http://******.com/catalog');
  define('HTTPS_SERVER', 'https://******.com/catalog');
  define('HTTP_CATALOG_SERVER', 'http://******.com/catalog');
  define('HTTPS_CATALOG_SERVER', 'https://******.com/catalog');

  // Use secure webserver for catalog module and/or admin areas?
  define('ENABLE_SSL_CATALOG', 'true');
  define('ENABLE_SSL_ADMIN', 'false');

// NOTE: be sure to leave the trailing '/' at the end of these lines if you make changes!
// * DIR_WS_* = Webserver directories (virtual/URL)
  // these paths are relative to top of your webspace ... (ie: under the public_html or httpdocs folder)
  define('DIR_WS_ADMIN', '/catalog/admin/');
  define('DIR_WS_CATALOG', '/catalog/');
  define('DIR_WS_HTTPS_ADMIN', '/catalog/admin/');
  define('DIR_WS_HTTPS_CATALOG', '/catalog/');

And

Code:

  define('HTTP_SERVER', 'http://******.com');
  define('HTTPS_SERVER', 'https://******.com');

  // Use secure webserver for checkout procedure?
  define('ENABLE_SSL', 'true');
  define('DIR_WS_CATALOG', '/catalog/');
  define('DIR_WS_HTTPS_CATALOG', '/catalog/');

  define('DIR_WS_IMAGES', 'images/');
  define('DIR_WS_INCLUDES', 'includes/');
  define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
  define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
  define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
  define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
  define('DIR_WS_DOWNLOAD_PUBLIC', DIR_WS_CATALOG . 'pub/');
  define('DIR_WS_TEMPLATES', DIR_WS_INCLUDES . 'templates/');

  define('DIR_WS_PHPBB', '/');

And now if I recall, I got the same problem when I tried to make the Admin area SSL, so fixing this would be greatly appreciated. Thanks in advance!

**Bahnstoermer** · 13 Nov 2007, 01:37 AM

GAWD I hate that time limit.

I posted the wrong code above, ignore that portion.

/admin/includes code:

Code:

 define('HTTP_SERVER', 'http://******.com');
  define('HTTPS_SERVER', 'https://******.com/catalog');
  define('HTTP_CATALOG_SERVER', 'http://******.com');
  define('HTTPS_CATALOG_SERVER', 'https://******.com/catalog');

  // Use secure webserver for catalog module and/or admin areas?
  define('ENABLE_SSL_CATALOG', 'true');
  define('ENABLE_SSL_ADMIN', 'false');

// NOTE: be sure to leave the trailing '/' at the end of these lines if you make changes!
// * DIR_WS_* = Webserver directories (virtual/URL)
  // these paths are relative to top of your webspace ... (ie: under the public_html or httpdocs folder)
  define('DIR_WS_ADMIN', '/catalog/admin/');
  define('DIR_WS_CATALOG', '/catalog/');
  define('DIR_WS_HTTPS_ADMIN', '/catalog/admin/');
  define('DIR_WS_HTTPS_CATALOG', '/catalog/');

/includes code

Code:

// Define the webserver and path parameters
  // HTTP_SERVER is your Main webserver: eg, http://www.yourdomain.com
  // HTTPS_SERVER is your Secure webserver: eg, https://www.yourdomain.com
  define('HTTP_SERVER', 'http://******.com');
  define('HTTPS_SERVER', 'https://******.com');

  // Use secure webserver for checkout procedure?
  define('ENABLE_SSL', 'true');

// NOTE: be sure to leave the trailing '/' at the end of these lines if you make changes!
// * DIR_WS_* = Webserver directories (virtual/URL)
  // these paths are relative to top of your webspace ... (ie: under the public_html or httpdocs folder)
  define('DIR_WS_CATALOG', '/catalog/');
  define('DIR_WS_HTTPS_CATALOG', '/catalog/');

  define('DIR_WS_IMAGES', 'images/');
  define('DIR_WS_INCLUDES', 'includes/');
  define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
  define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
  define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
  define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
  define('DIR_WS_DOWNLOAD_PUBLIC', DIR_WS_CATALOG . 'pub/');
  define('DIR_WS_TEMPLATES', DIR_WS_INCLUDES . 'templates/');

  define('DIR_WS_PHPBB', '/');

**kobra** · 13 Nov 2007, 01:50 AM

I think that I only saw one mistake or 2 get rid if the catalog at this locations

Code:

 define('HTTP_SERVER', 'http://******.com');
  define('HTTPS_SERVER', 'https://******.com/catalog');
  define('HTTP_CATALOG_SERVER', 'http://******.com');
  define('HTTPS_CATALOG_SERVER', 'https://******.com/catalog');

  // Use secure webserver for catalog module and/or admin areas?
  define('ENABLE_SSL_CATALOG', 'true');
  define('ENABLE_SSL_ADMIN', 'false');

// NOTE: be sure to leave the trailing '/' at the end of these lines if you make changes!
// * DIR_WS_* = Webserver directories (virtual/URL)
  // these paths are relative to top of your webspace ... (ie: under the public_html or httpdocs folder)
  define('DIR_WS_ADMIN', '/catalog/admin/');
  define('DIR_WS_CATALOG', '/catalog/');
  define('DIR_WS_HTTPS_ADMIN', '/catalog/admin/');
  define('DIR_WS_HTTPS_CATALOG', '/catalog/');

**Bahnstoermer** · 13 Nov 2007, 02:17 AM

That fixed the improper link in the order cofirmation page - THANK YOU.

Working on the Secure Admin area now...

**Bahnstoermer** · 13 Nov 2007, 10:51 PM

NOTE: As of v1.3.x, the Admin area can only secure the "login" page via SSL unless you set the HTTP_SERVER in your "admin/includes/configure.php" to an SSL URL, in which case the entire admin area will be treated as SSL rather than only selected relevant pages. This will be changing during the admin-rewrite phase scheduled for Zen Cart v1.6.

I'm a little confused about how to implement this paragraph in code. Is this the code we're talking about, and modification should be... ? Each time I try something, I get locked out of the Admin

Code:

  define('HTTP_CATALOG_SERVER', 'http://*****.com');
  define('HTTPS_CATALOG_SERVER', 'https://*****.com');

**Merlinpa1969** · 13 Nov 2007, 11:03 PM

Makle this

Code:

define('HTTP_CATALOG_SERVER', 'http://*****.com');
  define('HTTPS_CATALOG_SERVER', 'https://*****.com');

to

Code:

define('HTTP_CATALOG_SERVER', 'https://*****.com');
  define('HTTPS_CATALOG_SERVER', 'https://*****.com');

notice the S in the top link

this will force the entire admin to be secure,
please note that running the entire admin in SSL may cause speed issues

**Bahnstoermer** · 14 Nov 2007, 12:56 AM

Somehow I tried that but it didn't work before - perhaps I left a browser open / logged in or something - but it works now. Thanks!

Thread: Need Help Properly Applying SSL to Checkout

Thread Tools

Search Thread

Display

Re: Need Help Properly Applying SSL to Checkout

Re: Need Help Properly Applying SSL to Checkout

Re: Need Help Properly Applying SSL to Checkout

Re: Need Help Properly Applying SSL to Checkout

Re: Need Help Properly Applying SSL to Checkout

Re: Need Help Properly Applying SSL to Checkout

Re: Need Help Properly Applying SSL to Checkout

Re: Need Help Properly Applying SSL to Checkout

Re: Need Help Properly Applying SSL to Checkout

Similar Threads

v139h Gift Voucher coupon - not applying properly

SSL Issue with loading Checkout Page properly

Do I need SSL Certificate for checkout process

Do I need SSL with Express Checkout?

Need Help W/ Applying Certain Shipping Methods To Certain Items While Using Flat Rate

Bookmarks

Bookmarks

Posting Permissions