Shared SSL Silliness

[alsheron]

Well, after much stress, it looks like i've had to give in and look into a dedicated SSL Certificate.

My PHP skills are basic (i'm just learning now) and i've tried editing init.php, settings.in.php and link.php in various ways.

My goal is simply to add a prefix to URLs when HTTPS is used and you'd think that is a simple request to make:

https://secure1.namesco.net/[mydomain.com]/form.html

i.e. prefix:
https://secure1.namesco.net/[mydomain.com]/

directly before the filename

Oddly, no-one here either seems to have the answer or wants to help.

I've seen a whole thread where instead of trying to help someone (me included) figure this out, the entire thread became a call for them to use a dedicated SSL certificate.

Come on! I know enough PHP to know that there will be a fairly simple fix for this, but not enough PHP to know how to do it properly.

From a coding point of view, i'd love to know how to do this. Can ANYONE help?

Which is the correct file to modify?

in init.php i see the following:

$protocol = (isset($useSSL) AND $useSSL AND Configuration::get('PS_SSL_ENABLED')) ? 'https://' : 'http://';

$smarty->assign(array(
   'base_dir' => __PS_BASE_URI__,
   'base_dir_ssl' => (Configuration::get('PS_SSL_ENABLED') ? 'https://' : 'http://').htmlspecialchars($_SERVER['HTTP_HOST'], ENT_COMPAT, 'UTF-8').__PS_BASE_URI__,
   /* If the current page need SSL encryption and the shop allow it, then active it */

Now if I edit 'https://' and change it to 'https://secure1.namesco.net/[mydomain.com]/'

this does not work. Which do I change? It looks like it's also concatenating the PS_BASE_URI on to the end. Removing this does not work either.

I thought i'd fixed it once, but i KEEP GETTING this:
http://www.prestashop.com/forums/viewthread/19101/general_discussion/ssl_problem_showing_double_entry_on_the_address_bar

I've seen somewhere to edit link.php:

/* SSL Management */
if (!defined('_PS_USE_SSL_'))
   define('_PS_USE_SSL_', (isset($useSSL) AND $useSSL AND Configuration::get('PS_SSL_ENABLED')) ? 'https://'.$_SERVER['SERVER_NAME'] : '');

Again, if I change 'https://' to 'https://secure1.namesco.net/[mydomain.com]/' it doesn't work consistently. It also has a concatenator here too with the $_SERVER['SERVER_NAME']. Shall I keep this or remove this?

The problem i'm having is that there doesn't seem to be any consistency. At least I cant understand what code does what.

Can someone with (will be easy) more PHP experience than me explain this to me and maybe even how to go about making https links begin with https://secure1.namesco.net/[mydomain.com]/ for ALL linked items on the page (so as to maintain the secure connection?

Prestashop is literally fantastic, but this is a simple issue (prefixing https requests for shared ssl compatibility) and it's seriously holding a lot of people back.

Please help!

[Robert G.]

You're on the right track; all I did was the following:

        /* 'base_dir_ssl' => (Configuration::get('PS_SSL_ENABLED') ? 'https://' : 'http://').htmlspecialchars($_SERVER['HTTP_HOST'], ENT_COMPAT, 'UTF-8').__PS_BASE_URI__, */
       'base_dir_ssl' => (Configuration::get('PS_SSL_ENABLED') ? 'https://' : 'http://').htmlspecialchars('www.google.com', ENT_COMPAT, 'UTF-8').__PS_BASE_URI__,

Cut out HTTP_HOST (which'd usually return "yourdomain.tld") and replace it by a fixed value. www.google.com in this case, but could've set it to whatever I wanted to, i.e.:

'base_dir_ssl' => (Configuration::get('PS_SSL_ENABLED') ? 'https://' : 'http://').htmlspecialchars('123webhost.com/yourdomain.com', ENT_COMPAT, 'UTF-8').__PS_BASE_URI__,

Do note this only applies to the cart/checkout-area, so if you that's the inconsistency you mentioned it's a feature AFAIK.

[alsheron]

Thanks for the relpy! :-) Unfortunately, or maybe fortunately, I went the dedicated SSL route. It's great that you made the effort to reply though as I know others will benefit and there seem relatively few with the helping spirit around these parts. It's great to see how you did it, too - I hate PHP mysteries!

[Robert G.]

Ah, okay, in that case:

init.php

// Don't do any lookup on protocol, just always enforce ssl regardless of page / functionality. Untested.
//$protocol = (isset($useSSL) AND $useSSL AND Configuration::get('PS_SSL_ENABLED')) ? 'https://' : 'http://';
$protocol = 'https://';

I'm just wondering what you actually want with the other (sub)domain; is that for checkout only? all pages? or is this what you needed?
*pours coffee*

It's great to see how you did it, too - I hate PHP mysteries!

I'm not a programmer by any means; merely trial and error with basic php syntax knowledge.

[ScubaLessonsInc]

call me crazy but not a programmer either.. this code you pasted, should I append existing code or replace code and in what file.. please dummy it down for me? Having the same issue.. shared SSL and afraid to start changing all the relative paths of every file/image etc. Is there a way to do the whole thing?

What about payment gateways that require .pem path? Does that come from the cc company or is that my ssl cert that I have to put in there?

Thanks,
Tina

[Roberto125]

Good day,

it depends on your SSL certificate. What kind of SSL certificate is it?

Could you please also tell us which server you have?

Best regards,