Hi,

I'm trying to understand how the SSL integration in CubeCart works. I'm a web developer and have done a lot of work with the apache-modssl module. Ususally when I wrap traffic in https I determine what needs encrypting and place that in a directory that requires all traffic to be encrypted. CubeCart controls the encryption in software and I'm trying to understand how to set that up with my server.

If possible I'd like Apache to enforce my encrption. I'm running on a dedicated FC linux box at GoDaddy. This has a Plesk install of Apache with a httpdoc dir (unencrypted) and an httpsdoc dir (https). I've placed my store in the https directory. I've developed RewriteEngine rulesets to force store traffic to https and and everything else to http. These rulesets work fine and I've disabled these until my store is working. The only https/443 traffic on this server will be for CubeCart access.

The CubeCart installation works fine when called under the http (http://mysite/store) directory and I've added and deleted categories and products. But when I try to install under https (https://mysite/store) the install runs to completion and when I get to the screen to login to the store or admin area I cannot access the https://mysite/store/admin/ section. In my ssl error logs I see the generated url is to a directory named SSL_DOC_ROOT/store/admin/admin which of course doesn't exist. I was hoping there were additional docs on how https is supported in cubecart and how this works with mod_ssl.

Thanks for any info.

Does anyone know how CubeCart integrates SSL with Apache? Is there a tutorial or docs somewhere describing the SSL server/cubecart application linkage?

TIA.

In Plesk you can select the HTTPS protocol to use the same file space as HTTP. You can then install the store, install the certificate, enable SSL in CubeCart Admin adding the correct paths as requested, and that's it.

Robsta, Is all shopping cart traffic forced to be encrypted ? Thanks for you reply.

No, that's what CubeCart handles.