News:

Support the VirtueMart project and become a member

Main Menu

SSL ISSUES

Started by bboilard, May 05, 2014, 00:59:11 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

bboilard

May 05, 2014, 00:59:11 AM
I have Joomla set to Force SSL to None, VM 2.60 set to use SSL in Sensitive areas. I'm guessing the checkout page and cart pages are not sensitive areas since it does not work?
How do I force SSL in the cart and checkout pages. I have tried creating menu items that are set for SSL for the Cart - When you highlight over the cart link it shows at https but when you click it... it reverts back to http. Very frustrating... I am using JoomSEF but I have turned that off and it is still doing the same thing. Anyone have any ideas. http://www.defensivestrategies.org/self-defense-security-products

jjk

#1
May 05, 2014, 08:21:42 AM
SSL only works if you have an SSL certificate installed and attached to your domain on your server. I'm using the free 'StartSSL', but the majority of people are buying their SSL certificate from providers like Verisign, Comodo, Thawte, GoDaddy (the latter might be on the cheaper side, but somewhat more tricky to set up).

Please search for something like "ssl certificate installation" in Google to get an idea what you might be missing.
Non-English Shops: Are your language files up to date?
http://virtuemart.net/community/translations

bboilard

#2
May 05, 2014, 12:35:14 PM
The site has an ssl cert installed which works fine as can be seen here https://www.defensivestrategies.org/upcoming-classes-registration - It's just not working for VirtueMart, in fact if you go to https://www.defensivestrategies.org/self-defense-security-products it reverts to the non-ssl http://www.defensivestrategies.org/self-defense-security-products - does this on checkout also

jjk

#3
May 05, 2014, 13:46:31 PM
I can see what you mean. In addition to

Joomla Global Configuration > Server > Force SSL = 'None'
VirtueMart Configuration > Shop tab > Enable SSL for sensitive areas (recommended) = enabled

I've set the links to sensitive areas like the shopping cart to
Secure = 'On' in the Joomla Menu Manager:Edit Menu Item > Metadata Options.

Works in my case.
Non-English Shops: Are your language files up to date?
http://virtuemart.net/community/translations

bboilard

#4
May 05, 2014, 13:55:46 PM
Yup done all that.... still doesn't work

jjk

#5
May 05, 2014, 15:26:52 PM
The only other idea I have at the moment is that it might be a cache problem. I would try to disable all cache (I think your template might also have cache settings).
If you follow the link provided here: http://forum.virtuemart.net/index.php?topic=110005.msg368594#msg368594 (One of my own sites), you will see a working example of SSL usage.
Non-English Shops: Are your language files up to date?
http://virtuemart.net/community/translations

bboilard

#6
May 05, 2014, 16:01:15 PM
Well it was a good idea but unfortunately after turning off all caches and cleaning out the cache on the server.... it's still not redirecting to the SSL for some reason. Messed up... the other components that need SSL work fine... VM2 is the only thing that doesn't work - but I'm not surprised (not thrilled with VM2 at all). Check out your site.... Looks awesome.

jjk

#7
May 05, 2014, 16:55:42 PM
Maybe something SSL related will show up in your access.log
However, if I compare your shops behavior with mine, I now tend to think that the SSL is not correctly configured for your
http://www.defensivestrategies.org/self-defense-security-products
If the SSL certificate would be configured correctly, you should be able to enter for example the url:
https://www.defensivestrategies.org/self-defense-security-products and load the page and it should load with https://

You can try it on the link to my homepage. Pick for example 'Artist's Biographies' from the top menu. This is a pure Joomla link, not related to VirtueMart. The link is not set to SSL and it opens without https://. But if you add the https:// to the url after the page has loaded and refresh the page, it will go into SSL.

BTW - I just noticed that you created a router problem in your shop by removing the '-details' suffix in your VirtueMart Configuration > SEO tab > Seo Suffix. You can enter almost anything you like, e.g. -htm, -html, -art, etc. Default is -detail. (But do not enable 'Add suffix to url' in Joomla configuration. That would create duplicate suffixes and doesn't work either)

If you leave that empty, the router (which produces the SEF urls) will not work in certain cirumstances.



Non-English Shops: Are your language files up to date?
http://virtuemart.net/community/translations

bboilard

#8
May 05, 2014, 18:27:04 PM Last Edit: May 05, 2014, 18:56:06 PM by bboilard
Yeah, the more I play with it the more I don't think it's a VM issue because as you say loading the homepage as https://www.defensivestrategies.org should work but something is redirecting it to http.... Odd, for the life of me so far everything I have tried doesn't work.

Definitely something with the template or module - I can load anything outside of Joomla as secure. https://www.defensivestrategies.org/phpinfo.php

I checked my SEO setting in VM and the -details is still there but the SEO is not enabled, I am using JoomSEF to do the redirects for the entire site... had to bu the VM plugin for it. I don't understand what the -details really does?

bboilard

#9
May 05, 2014, 19:21:24 PM
WOOT - I found it... I have DT Register installed on my site and there is a plug-in System - DT Register SSL - apparently it controls the SSL on the entire site not just DT Register - It has a box called "Components to Ignore" so inserting com_virtuemart fixed the issue. I think the store is now ready to go live. Thanks for your help my friend.

jjk

#10
May 05, 2014, 20:28:25 PM Last Edit: May 05, 2014, 20:42:16 PM by jjk
Quote from: bboilard on May 05, 2014, 19:21:24 PM
I think the store is now ready to go live.

Well, that sounds better than your previous "HikaShop here I come"  ;D

But I'm pretty shure you will run into problems with your missing VM SEO suffix. I would suggest to try running your shop without JoomSEF. I never installed it, so I'm not shure what it actually does. If it works similar to sh404sef, it will cost you a lot of maintenance time and page load speed after some time, while the generated SEF URLs are the same as using just the built-in Joomla and VirtueMart SEF.
sh404sef achieves compatibility with VirtueMart by shutting itself off on VM pages and if you configured JoomSEF similar to the screenshot they have on their JoomSEF VM plugin page, I'm pretty shure you would get the same result without it.

VM needs a SEO suffix (default is -detail) to distinguish category pages from product pages, which occationally might have the same name in a shop. The developers decided to use a suffix, because the last words in the URL are (a little) less important. You can even adjust the word to your language/taste. Google for example ignores suffixes like .htm, .htm or in our case -detail.
Non-English Shops: Are your language files up to date?
http://virtuemart.net/community/translations

bboilard

#11
May 05, 2014, 20:52:16 PM
I'll try it... thanks bud.

AH

#12
May 05, 2014, 21:08:45 PM
bboilard

https://www.defensivestrategies.org/phpinfo.php


You should not have this available to the general public, It can disclose information that might be useful to less friendly visitors
Regards
A

Joomla 4.4.5
php 8.1
Print
Go Up Pages1
User actions