[ic] SSL Cert.
Frank Reitzenstein
frank at aussievitamin.com
Wed Dec 2 18:14:38 UTC 2015
kerry wrote:
>
> On 12/02/2015 11:37 AM, Frank Reitzenstein wrote:
>> kerry wrote:
>>> On 12/02/2015 09:28 AM, Stefan Hornburg (Racke) wrote:
>>>> On 12/02/2015 03:23 PM, kerry wrote:
>>>>> My Host recently installed a new ssl cert to my site.
>>>>> It shows secure at the Geotrust site for checking, but when youclick
>>>>> the add button to add an item to the cart, you get a warning that the
>>>>> page is insecure. You can go through the rest of the checkout with out a
>>>>> problem. It also shows up in the admin side under the items tab.
>>>>>
>>>>> My host has verified that it working fine and indicates it is in the
>>>>> interchange program.
>>>>>
>>>>> Here is a link to an item ready to add to the cart for a look at what is
>>>>> happening. Just click the add button to see what is happening.
>>>>>
>>>>> https://decor.basicq.com/cgi-bin/dcart/P301.html
>>>>>
>>>>> I searched the docs and could not find a solution to what is happening
>>>>> and why.
>>>>>
>>>>> Any suggestions appreciated.
>>>>>
>>>> The form action points to http:// - you need to fix that.
>>>>
>>>> Regards
>>>> Racke
>>> Now to find where the form action is located.
>>>
>>> My host noticed that all the pages have the https and the secure favon
>>> on them.
>>>
>>>
>>> Kerry
>>>
>>>
>>>
>>> _______________________________________________
>>> interchange-users mailing list
>>> interchange-users at icdevgroup.org
>>> http://www.icdevgroup.org/mailman/listinfo/interchange-users
>>>
>> cd /var/lib/interchange/nasicq/ or wherever your catalog resides.
>>
>> grep -r "http://decor.basicq.com"
>>
>> That will list all instances in all pages of the insecure link. I assume
>> that your entire site is secure. Then you need to replace them all with
>> https://
>>
>> I have the strap store well advanced and all secure. I found that once
>> the entire store was secure I kept losing the cart after the rewrite
>> rules. I was able to fix this by forcing a session id at most menu links.
>>
>> https://www.kenyan-curios.com/?id=[data session id]
>>
>> Then I had to fiddle around in apache2.conf so that the session id was
>> always removed for google and casual blowins, whilst once a session id
>> appears at the cart it was thereafter always enforced. I had a great
>> time hacking the strap store after encountering endless problems. It
>> looks like your cart may be more stable.
>>
>>
>> _______________________________________________
>> interchange-users mailing list
>> interchange-users at icdevgroup.org
>> http://www.icdevgroup.org/mailman/listinfo/interchange-users
> http://dottech.org/86332/firefox-is-going-to-start-forcing-https-usage-for-sensitive-websites-to-thwart-man-in-the-middle-attacks/
>
>
> Looks like Firefox is part of the problem. I checked some other pc here and seems like some have the new stuff enabled and others not.
>
> My host said the same thing, secure the whole site and be done with it.
>
> I will see if I can follow your advise.
>
>
> _______________________________________________
> interchange-users mailing list
> interchange-users at icdevgroup.org
> http://www.icdevgroup.org/mailman/listinfo/interchange-users
>
OK I thought my advice was inappropriate, you haven't secured the whole
site. It took me 16 hour days (whilst running my biz) for a month plus
much more. However I used the new store not yet released, admitted to be
buggy.
I tried pgsql for the first time but it caused premature end of scripts
on some options. Basically I was prepared to do the job many times over
because I wanted the HTML5 CSS store badly.
I your case you may wish to try the entire secure site. I am guessing
that you wont be using pages of rewrite rules. I got everything apart
from the checkout process from which google is banned pretty neat. I
found that applying rewrite rules dropped the cart so I kept the
/cgi-bin/store for all those pages, but I was able to force the session
id in any link that was letting me down, for example an interruption
back to the home page. Further I found that I could get whatever
behaviour I wanted with mod rewrite to refine it more.
https://www.kenyan-curios.com/
https://www.kenyan-curios.com/Grocery/Drinks/
https://www.kenyan-curios.com/akin-pure-facial-cleansing-gel.html
...but the price was pretty high.
The /cgi-bin/store really sucks.
My advice is to work very hard and keep working until you get what you
want. When I hit a brick wall I tried something else and I'm almost
there. I guess I am pretty much there. I need to fix the descriptions as
I use perl to massage them. Also I want to write software to use one of
the surplus columns in products.txt to store the image dimensions, as
page optimization suggests that this is necessary for fast rendering. I
think Interchange may be able to manage that but often I just do my own
thing.
More information about the interchange-users
mailing list