Web Hosting Talk






PDA

View Full Version : SSL Implimentation

SharkBait
04-17-2006, 04:28 PM
Hi,

Our company has an SSL cert for our website. Now I am not sure as how to use it because I have never had to in the past but hopefully someone can shed some light on this for me.

Our server is setup to use the SSL Cert. Though I am unsure as how to use it in my PHP scripts.

If I push someone to the https://{SERVERNAME}/checkout.php file, where does that checkout.php file have to be? I thought I could just change the URL to HTTPS from HTTP, but it seems to not be able to find it. So that is why I believe I need to figure out where I should put this file so that our SSL Cert works for online orders.

Any information is greatly appreciated.

Thanks
RH Swaroop
04-18-2006, 05:10 AM
You will need to install the certificate over the domain. As far as I know, in most systems, the files need not be there in two different places. just using https://domain.com/file.php will work.

I am not an expert at this. I usually use the built in feature in CPanel to install the certificates.
SharkBait
04-18-2006, 01:37 PM
Ah I see.

So I can do https:{SERVERNAME}.com since that seems to be the registered domain but not https://www.{SERVERNAME}.com

I'll just have to have php do header redirects to the none www.{SERVERNAME}.com then.

Thanks
RH Swaroop
04-18-2006, 01:38 PM
no, a little bit of DNS tweaking can also do that.
SharkBait
04-18-2006, 03:02 PM
One thing I noticed is that when I put items into my shopping card when the URL is http://www.{SERVERNAME}.com and goto 'checkout' I redirect to https://{SERVERNAME}.com my shopping cart becomes empty.

The shopping cart is based on a session. So going from {SERVERNAME}.com to www.{SERVERNAME}.com creates a new session?? Thought sessions were browser based.

Am I doing something wrong?
RH Swaroop
04-18-2006, 03:07 PM
I am not best at sessions. But I think domain matters. www.something.com is different from something.com

I suggest you redirect them to the right domain to avoid problems.
SharkBait
04-18-2006, 03:19 PM
www is the subdomain for somthing.com

Just like mmm.beer.com is a subdomain of beer.com but in Apache you can have them serve the website from the same directory.

Its silly that SLL certs don't work for Sub domains, but I could understand why if your giving people Bob.someplace.com and Susan.someplace.com and don't want them to be a part of your SLL Cert.

*shrug*

For now I'm just touching up a couple of my links and going to redirect if people goto www.{SERVERNAME}.com to {SERVERNAME}.com