Shared SSL

[Juandbbam]

Hello,

I have been reading many posts about this issue, but I don't see any definitive answer. I have done many shops for clients under shared SSL using Zencart and never had a single problem.

Now I decided to change to Prestashop for a new shop I'm making. I'm totally impressed with Prestashop, congratulations to the developers as it's really great!

But... I have the shop almost finished and working but I have now realised that it doesn't support shared SSL (my fault for not knowing it in advance).

Or I'm wrong and it is supported? And if it's supported, what it should be done?

Unfortunately the client doesn't want a dedicated SSL...

By the way, my shop is installed inside a folder (not in the root), like that:
http://www.mywebsite.com/shop

And the shared SSL:
https://mywebsitecom.sserver.es/

It gives a problem when the secured pages should be loaded saying that www.myshop.com is using a not valid security certificate.
The certificate is only valid for *.sserver.es.
(Error code: ssl_error_bad_cert_domain)
And asks for an exception.

Thank you in advance for any help, as I'm now blocked and don't know what to do. I wouldn't like to start from zero this shop going back to the old Zencart now that I'm so happy with Prestashop.

My reply in this topic is probably applicable here as well. I don't currently have SSL setup on my box, but have a look anyway and see if it helps anything :)

Hi _robert!

Thanks a lot for your kind reply.

I have just tried it. As said above my shop is in a domain like this:
http://www.mywebsite.com/tienda/
And the https for this domain is:
https://mywebsitecom.sserver.es

I have done what you said:

'base_dir_ssl' => (Configuration::get('PS_SSL_ENABLED') ? 'https://' : 'http://').htmlspecialchars('mydomaincom.sserver.es', ENT_COMPAT, 'UTF-8').__PS_BASE_URI__,

It doesn't work, I have now two problems:

- When I go to see cart the cart, it is empty, when it shouldn't.

- When I go back to any page of the shop now the entire shop is under https and CSS and image files are missing.

If I do:

'base_dir_ssl' => (Configuration::get('PS_SSL_ENABLED') ? 'https://' : 'http://').htmlspecialchars('www.mydomain.es', ENT_COMPAT, 'UTF-8').__PS_BASE_URI__,

it gives me the same error I described in my last message above.

Am'I doing domething wrong?

Thanks a lot in advance for your help!

Any help for this please?

I have seen in the forums that there are many questions regarding this issue, but no definitive solution has been given so far.

It's a pity as Prestashop is great but this problem is very important for many people, as I have seen in the forums.

Thank you in advance.

easiest solution - upgrade to a dedicated SSL if at all possible. Forget shared certs.

Thank you Hoodgrown,

Yes, I have realised about that. The problem is that sometimes it's not my decision but client's one. It's a pity not knowing a definitive answer like Yes, it's supported but doing this and that, or not, it's not supported at all. It would save a lot of time. I cannot complaint at all as Prestashop is great, but it's just a comment.

Totally understand.
I usually don't even give my clients the option of a shared certificate... telling them that they need to go with a dedicated from jump and explaining the benefits.

Hello everbody

After reading through this forum for hours I would like to contribute what I have found so far. I had the problem that my customers provider installed shared SSL on a subdomain of my customers domain (e.g. secure.mydomain.com).

I made the following changes to the init.php (lines 106 - 108):

$server_host = htmlspecialchars('mydomain.com', ENT_COMPAT, 'UTF-8');
$protocol = 'http://www.';
$protocol_ssl = 'https://secure.';

line 159:

'base_dir_ssl' => (Configuration::get('PS_SSL_ENABLED') ? 'https://' : 'http://').htmlspecialchars('secure.mydomain.ch', ENT_COMPAT, 'UTF-8').__PS_BASE_URI__,

Now, the secure links on the shop site seem to work and users can create their accounts and get a confirmation e-mail. Unfortunately the shop users are not able to login after registration. Presta keeps displaying the "create account" site. So, as a matter of fact, the shop still cannot be used like that.

Does anyone know what else has to be changed? Every help is much appreciated.

Thanks,
Michael

Well, I found something that might bring one to a solution.

It looks like the cookie is not generated properly. It is marked as "not safe" where it should be safe. When I change this in the cookie manually the login works perfectly.

At the moment, I don't know where to change this. So I would appreciate every tipp.

Thanks,
Michael