close ad
WARNING PC USERS: Do Not Install the DREAMWEAVER CC 2017 Update »
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

Setting Up Power Store With SSL Certificate

Thread began 1/24/2011 10:17 am by dgwhit288523 | Last modified 1/28/2011 4:57 pm by Jason Byrnes | 1208 views | 7 replies |

dgwhit288523

Setting Up Power Store With SSL Certificate

I am about to order a SSL certificate for the web site where I have installed Power Store 4.01. The store is installed in a folder on the site (ecommerce) I have opted for the secured/dedicated certificate for the domain.com name and not www. The site is hosted by 1and1.com.

I have talked to their tech service department who tells me that all is required is to order the certificate and enter some specific coding into the .htaccess file in the root directory of the site and that's it! It would secure the entire web site and not just the Power Store as I understand it? Is this correct?

I have read through all of the posts that I can find and see a variety of issues some folks have had in the application of the certificate and some code changes to solve these.

Before doing this, I would like to know if there is a downside in securing the entire site which as it has been explained to me, would secure everything on it? I have asked about potential issues with users accessing the site with different browsers and they tell me none! This seems to be too simple to be true, but perhaps it is?

My original intent was to secure only the ecommerce section of the site, but from what I gather from talking to the tech guy, this is not how it works?

Can you give me some direction on this? Are there any known issues in doing it this way? I will be using the PayPal Standard gateway which is as I understand it, already secured.

Out of all the many web sites that I have developed, this is the first one that has required the certificate, so please bear with me as a "newbie" where this is concerned.

Thanks!

Sign in to reply to this post

Jason ByrnesWebAssist

In reality, you do not need an ssl certificate when using PayPal standard.

Most issues with SSL are host specific.

There really aren't any downsides to securing the entire site.


SSL is all server side, so there wont be browser specific issues.

As long as the htaccess rules are properly set up, you should not run into issues.

Sign in to reply to this post

dgwhit288523

Problem Now That Certificate Is Installed!

My client insisted that the site be secured with a certificate, so have done this. I purchased the GeoTrust Premium certificate through 1and1.com, put the required coding into the htaccess file and the site is secured.

I am using PayPal Standard as the gateway. I have found only two entries in the PayPal configuration screens for making this work with the now secured site. I changed the address to:

ipn.php for IPN and ecommerce for return.

Despite this, I am getting the following error message when clicking on the "cancel and return link back to the web site"

_______________________________________________

Bad Request
Your browser sent a request that this server could not understand.

Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.

Hint: therugrack.com:443/

_________________________________________________

I am currently excanging tech support emails with PayPal.

They have come back to me and confirmed that both of the entries I have made are correct and have asked the following question:

"I show the account currently has the URL ipn.php for IPN and ecommerce for return

However, these values are overridden by transactions containing the NOTIFY_URL and RETURN commands.

Please verify any button or cart settings are not sending conflicting commands."

Are there any settings that must be changed in any of the Power Store PHP files that they are referring to correct this issue?

I have assumed (which is probably not correct) that once the order is submitted to PayPal using the two configurations above, that the issue is with the link back to the secured site as it clearly shows the http address and not the https address? (within the PayPal configuration)

I don't know what to tell them.

Can you give me some input on this, please?

Sign in to reply to this post

dgwhit288523

Values are overridden by transactions containing the NOTIFY_URL and RETURN commands

Since making the above post, I have done a Dreamweaver search and replace, find, etc. for the whole site for any codiing in any of the php files that refer to the above which Pay Pal tech service asks for a verification in order to determine the conflict (previous post)

I cannot find anything in the coding for any of the pages that make reference to the above.

I would like to get this resolved today, so the site can be taken live.

If the issue involves a conflict in the Power Store coding somewhere that is causing this, please advise how to correct it.

If not, please advise what I should tell them.

Thanks

Sign in to reply to this post

dgwhit288523

PayPal offers additional variables to customize your form post.

In an effort to continue troubleshooting this issue with PayPal Tech Support, I have been referred to this link where all of the available variables are listed.

392

Sign in to reply to this post

Jason ByrnesWebAssist

the cancel and return urls are set in the webassist/plugins/shopping_cart/process_transaction.php files.


look for the following lines of code:

php:
<input type="hidden" name="cancel_return" id="cancel_return" value="<?php echo($WAGLOBAL_Root_URL  ."pp_cancel.php"); ?>" />

              <input type="hidden" name="return" id="return" value="<?php echo($WAGLOBAL_Root_URL  ."checkout_success.php"); ?>" />





you can hard code the address here to use:

php:
<input type="hidden" name="cancel_return" id="cancel_return" value="https://therugrack.com/ecommerce /pp_cancel.php"); ?>" />

              <input type="hidden" name="return" id="return" value="https://therugrack.com/ecommerce /checkout_success.php"); ?>" />
Sign in to reply to this post

dgwhit288523

Thanks, this did the trick!

Thanks, this did the trick, however, I had to remove the ?> from both entries as it was putting two of these: /> /> before the buttons on the submit page.

<input type="hidden" name="cancel_return" id="cancel_return" value="https://therugrack.com/ecommerce /pp_cancel.php"); ?>" />
<input type="hidden" name="return" id="return" value="https://therugrack.com/ecommerce /checkout_success.php"); ?>" />

This is the code I used after removing them:

<input type="hidden" name="cancel_return" id="cancel_return" value="https://therugrack.com/ecommerce /pp_cancel.php"); />
<input type="hidden" name="return" id="return" value="https://therugrack.com/ecommerce /checkout_success.php"); />

Sign in to reply to this post

Jason ByrnesWebAssist

oooops, forgot to remove that code, glad you spotted it.

Sign in to reply to this post

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...