Jump to content

Anyone got SSL working yet with v3 final?

Guest

By Guest
in Install & Upgrade Support

 Share

Recommended Posts

Guest

Guest

Posted
Posted

Cubecart v3 beta didn't seem like shared ssl, was that fixed? I would like to use cubecart but I need to use ssl for my customers. Cubecart v2 didn't do very well either with ssl, as it put the entire site into https mode, causing high processes on my shared ssl server. I finally went with Zen-Cart. I would however like to use cubecart if the ssl stuff gets fixed... currently I have not tested v3 final with shared ssl, but if it hasn't been fixed since the beta then this should be mentioned in the read me and cubecartv3 is in no way ready for production sites.

Anyone have any demos of a secured store?

Link to comment
Share on other sites

Guest

Guest

Posted
Posted

After testing, I see the same problem exists:

in the admin panel I set:

main site: http://www.shockgadgets.com

https site: https://mars.nswebhost.com/~shock

Root SECURE Public HTML Folder to store: (Include Trailing Slash): cart/

Absolute SECURE URL to store: https://mars.nswebhost.com/~shock/cart

Server SECURE Root Directory:

(e.g. /path/to/your/secure/webstore): /cart/

After saving and reloading the admin panel it tries to load this:

hxxps://mars.nswebhost.com/~shock/cart/admin/settings/cart/admin/login.php?goto=/~shock/cart/admin/settings/index.php?

As you can see by the red letters, its trying to enter the admin folder within itself a second time.

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

Where are the settings saved now? Bad idea making the Admin panel use the SSL stuff, in the beta I could just change the global.inc.php file to clear the ssl flag, now I can't find that setting and I've locked myself out of the adminpanel.. lots of work to be done before this is production ready.

Link to comment
Share on other sites
Guest sbr

Guest sbr

Posted
Posted

:whistle: I have also managed to lock myself out... Is there anyone that can tell me where the setting is located so I can switch it off manually. I have looked everywhere, or so I think..

Thanks in advance

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

:) I have also managed to lock myself out... Is there anyone that can tell me where the setting is located so I can switch it off manually. I have looked everywhere, or so I think..

Thanks in advance

Yea you are pretty much screwed.. I posted it as a bug already. Apparently the settings are encrypted then saved to the database.. the only way I could fix it was to empty the database and redo the install process. Lets hope they get wise in 3.01

Link to comment
Share on other sites
Guest e-sellitall

Guest e-sellitall

Posted
Posted

Go into sslswitch file under includes and find at the beginning of the file it has the variable for enablessl=1 or something like that and change it to 0. Once I did that I was able to get back in after restarting apache. It is definately different from ver. 2 that had the globals. Let me know if that works for you.

Bob

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

Go into sslswitch file under includes and find at the beginning of the file it has the variable for enablessl=1 or something like that and change it to 0.  Once I did that I was able to get back in after restarting apache.  It is definately different from ver. 2 that had the globals.  Let me know if that works for you.

Bob

Yea i tried that too originally.. no good for me.. still switched to the ssl server. and you shouldn't have to restart apache for a simple php file anyway.. plus I am using a linux based webhost company, can't just go restarting stuff.

Brooky replied to the bug entry, saying that he had to use PHP SERIALIZE to store the database info, then I assume he is using unserialize when he loads the data into the admin panel, but there is no good way to unserialize the data when you are locked out of the admin panel. PHP Serialize probably isn't the best way to go about that, especially something as sensitive as that, one mistake.. done.

Link to comment
Share on other sites
  • 2 weeks later...
Guest emailanj

Guest emailanj

Posted
Posted

Well its good to know that I am not alone and its not me :ninja: . I have spent the last 12 hours trying to fix this. I have been trying to get this cart to work for almost 2 weeks and have just re-installed the cart for the ? time. I have installed the 3.0.1 upload, not the upgrade and am still having the same problem with admin lockout although I do see some good fixes. I Do want to say a Big huge Thank you to Brooky and the whole gang...When this cart is finnished its going to be the best!!! I wish this was one of the fixes you guys put as priority. Unfortunatlly the customers that we have don't do paypal (we tried) a nice secure gatway is all they will respond to or phone in orders. How long before I can come back for the fix? :D

anj

Link to comment
Share on other sites
Guest vgascon

Guest vgascon

Posted
Posted

Like you, I made the mistake of activating SSL and then got locked out. I re-installed the cart but used a new database. Then I copied the table data from the old database over to the new database. I have a post in the General Support forum with more details as to what to watch out for.

I avoided a big disaster by following this path. However, it still was three hours of troubleshooting and then four hours of re-installation. Frustrating but interesting! These are the things that make computers fun and challenging!

Thank you Brooky and the CubeCart community for putting together one of the best shopping carts available!

Link to comment
Share on other sites
Guest emailanj

Guest emailanj

Posted
Posted

I have two questions.

1.) Did you ever get the SSL Cert working correctly?

2.) Do you have a active live site that customers can actually, confidently buy from?

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

We have a working functional demo at http://demo.xtremex.net/v3/

Good to see someone has it working, Can you post your admin settings so we can see how you have it set up for ssl. I think its quite easy to do with a SSL Certificate, but more impressive would be a working Shared SSL demo. Anyone got that yet? v2 didn't work properly with shared, as it put the entire store into SSL mode. I heard v3 fixed that, but haven't gotten my Shared SSL to work with it yet.

I notice a lot of v2 cubecart owners have stores without SSL, very surprising, but not an option for me.

Link to comment
Share on other sites
Guest gws

Guest gws

Posted
Posted

re working demo at http://demo.xtremex.net/v3/, I tried this and it didn,t work? add the demo download to the cart, view cart and then delete the demo download and then click on home page, voila 404 page not found the url is http://demo.xtremex.net/v3//v3/index.php? note the double// and repeated v3. same old problem with ssl. CubeCart will be the mutts nuts when someone fixes ssl especially shared ssl. Cheers gws

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

Holy crap! I figured it out!!!

I upgraded to 3.0.1

First let me explain my hosting provider's setup.

They have a shared SSL server on the same IP as my domain, so all the files are the same, only the address changes.

my domain: http://www.shockgadgets.com/cart

my ssl shared: https://mars.nswebhost.com/~shock/cart

that being said, below you will notice my setup... in my Cpanel, my user name is "shock" and my cc is in the "cart" folder, therefore the first field is /~shock/cart/

Root SECURE Public HTML Folder to store: (Include Trailing Slash) : /~shock/cart/

the url is self explanatory, based on the info above:

Absolute SECURE URL to store:

e.g. hxxps://secure.domain.com: https://mars.nswebhost.com/~shock/cart

finally, the path doesn't really change for my domain path, I thought it would be something like home/~shock/public_html/cart, but its not. basically the best way to find it is to put something there, then save with ssl turned on, then try clicking on one of the other admin links, and see if you see a lot of php errors about not being able to find /blah/blah in file /home/shock/public_html/cart, the bold part is the key, that ends up being your path:

Server SECURE Root Directory:

e.g. /path/to/your/secure/webstore: /home/shock/public_html/cart

you can see it in action here:

http://www.shockgadgets.com/cart

BUT!! Cookies and sessions don't pass through correctly, so if you add something to your cart, then try to checkout, it shows the cart as empty. I think that's in the bug area already. But at least the first part is out of the way!!

MAKE NOTE OF THE SLASHES, THEY ARE VERY IMPORTANT, DON'T ADD OR OMIT ANY, FOLLOW MY EXAMPLE IF YOU WANT IT TO WORK CORRECTLY!

:rolly:

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

Nice work dsstrainer. We are closer the final solution. ;)

Root SECURE Public HTML Folder to store:

Absolute SECURE URL to store: https://www.toolboxmusicshop.com

Server SECURE Root Directory: /home/music/

the path the the publis HTML folder is : /home/music/public_html/

I can get it working but am unable to log into the admin.

any ideas?

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

Nice work dsstrainer. We are closer the final solution.  ;)

Root SECURE Public HTML Folder to store:

Absolute SECURE URL to store: https://www.toolboxmusicshop.com

Server SECURE Root Directory: /home/music/

the path the the publis HTML folder is : /home/music/public_html/

I can get it working but am unable to log into the admin.

any ideas?

try swapping these two around:

Server SECURE Root Directory: /home/music/



the path the the publis HTML folder is : /home/music/public_html/

make the SECURE ROOT : /home/music/public_html (no trailing slash!)

and the

public HTML folder: /home/music/

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

Nice work dsstrainer. We are closer the final solution.  ;)

Root SECURE Public HTML Folder to store:

Absolute SECURE URL to store: https://www.toolboxmusicshop.com

Server SECURE Root Directory: /home/music/

the path the the publis HTML folder is : /home/music/public_html/

I can get it working but am unable to log into the admin.

any ideas?

try swapping these two around:

Server SECURE Root Directory: /home/music/



the path the the publis HTML folder is : /home/music/public_html/

make the SECURE ROOT : /home/music/public_html (no trailing slash!)

and the

public HTML folder: /home/music/

Still get the same problem.

am able to use SSL in the shop but not log into the admin - says cannot be found.

Link to comment
Share on other sites
  • 2 weeks later...
Guest

Guest

Posted
Posted

Well,

I got this reply from the Bug area:

Well if you want to turn off SSL, go to the database with all the settings in (config in the CubeCartconfig table) and change:

"c3Ns";s:4:"MQ=="

to:

"c3Ns";s:4:"MA=="

The settings and values are encoded in MIME format, and they are surrounded by "s

I also added this at the bottom of my admin settings page to view the raw config data:

Raw config file:<br />

<textarea cols="80" rows="30">

<? print_r($config); ?>

</textarea>

You will have to make these changes in your phpmyadmin program while editing the configuration table to get it working again.

But I too am having new problems, when i log in, it logs in fine, then when i click General Settings, it asks me to log in again and then it errors with the wrong path.

Link to comment
Share on other sites
convict Newbie

convict

Posted
Posted

Problem like I am able to use SSL in the shop but not log into the admin - says cannot be found are becasue of version of PHP (i suppose, PHP <4.3.3 ). Main problem are rows in sslSwitch.inc.php

$page = $glob['storeURL']."/".str_replace($config['rootRel_SSL'],"",$currentPageDir);



$page = $config['storeURL_SSL']."/".str_replace($glob['rootRel'],"",$currentPageDir);

Set CC 'enable SSL = NO" and use HTTPS on admin area - problem does NOT exist (if SSL paths are correct in CC General settings), cause rows i have mentioned are unused...

ADDED LATER:

Hmm, maybe i am not correct exactly (case of PHP version) :D but in case of installation in root directory, rows above makes stupidities (missing slashes).

Link to comment
Share on other sites
  • 2 weeks later...
Guest moonsoft

Guest moonsoft

Posted
Posted

I think that there needs to be a clearer description of the type of folder is required for SSL, some people have trouble with what exactly the directory is supposed to be

maybe an example would help under the folder designation

instead of

Root SECURE Public HTML Folder to store:

put an example

e.g. /cart/

(folder from public_html to your store folder)

"include trailing slash"

instead of

Server SECURE Root Directory:

e.g. /path/to/your/secure/webstore

put

eg: /home/username/public_html/store

I think that would elimiate the cinfusion.. also a separate field for setting up the store with a shared SSL

just my thoughts

Link to comment
Share on other sites
Al Brookbanks Experienced

Al Brookbanks

Posted
Posted (edited)

After testing, I see the same problem exists:

in the admin panel I set:

main site: http://www.shockgadgets.com

https site: https://mars.nswebhost.com/~shock

Root SECURE Public HTML Folder to store: (Include Trailing Slash): cart/

Absolute SECURE URL to store: https://mars.nswebhost.com/~shock/cart

Server SECURE Root Directory:

(e.g. /path/to/your/secure/webstore):  /cart/

After saving and reloading the admin panel it tries to load this:

hxxps://mars.nswebhost.com/~shock/cart/admin/settings/cart/admin/login.php?goto=/~shock/cart/admin/settings/index.php?

As you can see by the red letters, its trying to enter the admin folder within itself a second time.

This should be:

main site:

http://www.shockgadgets.com

https site: https://mars.nswebhost.com/~shock/cart

Root SECURE Public HTML Folder to store: (Include Trailing Slash): /~shock/cart/

Absolute SECURE URL to store: https://mars.nswebhost.com/~shock/cart

Server SECURE Root Directory:

(e.g. /path/to/your/secure/webstore): /cart/ <-- can't tell what that should be. (Probably /home/shock/public_html/cart or somthing...)

Edited by brooky
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...