Hello.
I need help setting up my own site certificate. First of all, I need to creat a Certificate Signing Request (CSR) using Apache Mod_SSL. How do I do this? How do access Apache Mod_SSL?

Can you please help me out with this.

Thanks very much.

did you get anywhere on the SSL setup?

My "store" works but when I click on a link that requires SSL (ie checkout) the web page will not pull up.

Any clues.

Sam

You can't do this at PowWeb - not yet, anyway.

What you can do is use PowWeb's shared SSL certificate - free signup through your OPS panel. You'll have to use a hostname of the form https://servername.powweb.com:12345 (it will tell you when you sign up) for this, you can't use your own domain name.

get with the program powweb, people want their own verisign or geotrust cert.

The admins have hinted that PowWeb is working on a way to do this. I find it amusing (sort of) that a year's certificate costs more than a year of PowWeb hosting...

Indeed the admins are currently testing an SSL accelerator for the servers that - once we are satisfied it is working properly - will allow you to use your own certificate on your site. It has not yet been decided what the fee structure will be for personal SSL or whether we will also offer the ability to purchase your own certificate through Member Operations. But it is being worked on, and you'll probably see it offered soon in one form or another.

mjp

I discovered today a serious downside of the current shared SSL support. It means that your site may not be accessible by users inside a corporate firewall that rejects access to non-standard ports (like where I work!)

So here's hoping for a better system soon that doesn't depend on a site-unique port number!

all my customers who try to place orders from behind a fire wall get errors as soon as thye get to the https server, whammo blank page, lost order

It's not all firewalls, but the two corporate firewalls I've tried do have this problem. Yuck...

Where on the control panel can I sign up for the eshared SSL certificate. I have looked and can't seem to find it.

Billing tab, at the bottom under "Additional Services".

OK....... I have activated SSL on the billing page and received a URL. Where do I use this URL on osCommerce. I used my regular URL when I installed the script.

Edit your admin/configure.php (and I think catalog/configure.php) to specify the https base URL in the appropriate variable. I'm far away from my editing system right now and can't tell you exactly, but it's like the second or third value in the file and should be obvious.

I believe these are the lines in configure.php file Stevel is talking about.

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
define('HTTP_SERVER', 'http://yoursite.com'); // eg, http://localhost or - https://localhost should not be empty for productive servers
define('HTTP_CATALOG_SERVER', 'http://yoursite.com');
define('HTTPS_CATALOG_SERVER', 'https://server.powweb.com:XXXXX');
define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

Hmmmmm. I have tried making the changes that you suggested. You have a line that was not in my config file and I have a file not in your post. I have included my the lines from the config file. I still receive a 404 error when I try to check out. :(



define('HTTP_SERVER', 'http://www.needlepointbackbay.com'); define('HTTPS_SERVER', 'https://www.needlepointbackbay.com'); define('HTTPS_CATALOG_SERVER', 'https://neptune.powweb.com:11739');
define('ENABLE_SSL', 'true');

The last line is the one in the config file which was not listed in your post. What should I do with it.

Make HTTPS_SERVER the same as you have for HTTPS_CATALOG_SERVER. BTW, I use ENABLE_SSL as false If you set it to true, the customer is in SSL even while browsing. It will change to SSL for the checkout process even as false.

Thank you

powweb needs to let us know its coming and when without missing a due date, i love powweb but the need for a verisign or thawte certificate will be the deciding factor in changing hosts, seriously, powweb, let us know and soon, very soon