Ok. I am having the same problems as most people that are trying to use their SSL for their OsCommerce Site. Any site that uses the HTTPS does not work. Here is a copy of most of my Config.php

<?php
/*
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com

Copyright (c) 2003 osCommerce

Released under the GNU General Public License
*/

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
define('HTTP_SERVER', 'http://www.gunloads.com'); // eg, http://localhost - should not be empty for productive servers
define('HTTPS_SERVER', 'https://www.gunloads.com'); // eg, https://localhost - should not be empty for productive servers
define('ENABLE_SSL', true); // secure webserver for checkout procedure?
define('HTTP_COOKIE_DOMAIN', 'http://www.gunloads.com');
define('HTTPS_COOKIE_DOMAIN', 'https://www.gunloads.com');
define('HTTP_COOKIE_PATH', '/catalog/');
define('HTTPS_COOKIE_PATH', '/catalog/');
define('DIR_WS_HTTP_CATALOG', '/catalog/');
define('DIR_WS_HTTPS_CATALOG', '/catalog/');
define('DIR_WS_IMAGES', 'images/');
define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
define('DIR_WS_INCLUDES', 'includes/');
define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
define('DIR_FS_CATALOG', '/www/l/lamur/htdocs/catalog/');
define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

You can check out the catalog here:
www.gunloads.com/catalog
Just go to login and you can see the problem.
Any suggestions more then welcome.
Thanks

Your SSL page isn't correct. It should be in the form:

https://servername.powweb.com:xxxxx

replacing xxxxx with your correct port assigned in OPS.

'https://www.gunloads.com' Is not the proper URL for your ssl.

Log into OPS under SSL for the proper URL to use.

=)
Jade

Ok, I changed it to https://www09.powweb.com/~lamur.
I get a bit farther, I hit the login button and get:

Warning: session_start(): open(/tmp/sess_d54dff2c3526ffbe1d595936e1413878, O_RDWR) failed: Permission denied (13) in /www/l/lamur/htdocs/catalog/includes/functions/sessions.php on line 67

YOu can view it yourself if you hit the login button. Whats this mean?

Also at the bottom of the page i have this:


Warning: session_write_close(): open(/tmp/sess_24eb15977f671c72040db34cc2a8d816, O_RDWR) failed: Permission denied (13) in /www/l/lamur/htdocs/catalog/includes/functions/sessions.php on line 106

Warning: session_write_close(): Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in /www/l/lamur/htdocs/catalog/includes/functions/sessions.php on line 106

Make sure that you have this in your catalog/includes/configure.php:

define('STORE_SESSIONS', 'mysql');

Well somebody is a genious!
Works like a charm!
Thanks so much!

**NEW ERROR**

I have been testing about everything on my board. And I noticed that when I update an order (Processing, or Delivered) and it sends me an E-mail giving the Customer an update that it gives me the address:
https://gunloads.com/catalog/account_history_info.php?order_id=3

Where it should be giving me the address:
https://www09.powweb.com/~lamur/catalog/account_history_info.php?order_id=3

with the proper SSL address. I am not sure where to check for the setting to change this.
But when you first make an order, the E-mail saying what I ordered gives me the Correct SSL link.
Any Ideas?

In admin/includes/configure.php, you want:

define('HTTPS_CATALOG_SERVER', 'https://www09.powweb.com/~lamur');

I also suggest that HTTP_SERVER in this same file be set to the same value. Otherwise, your navigation through the admin panel won't be secured.

Thanks, that worked out good.
I know when I finally release this shopping cart, I will be getting alot of people asking what:
'https://www09.powweb.com/~lamur'
means in there url to get to me. I especially hate my username being a part of it. Oh well.

Well, it's better than them seeing an error because their firewall blocks non-standard HTTP ports, which is what would have happened up to a few weeks ago. But I agree that exposing the username in this fashion would not be my first choice.

I heard powweb was trying to work on something better then this? Am I correct?

They are working on a system where users can bring their own SSL certificates and use them with PowWeb packages.

However, implementation timeline is not known. There have been a few admin posts concerning it, but nothing concrete.

Our own SSL Certs would cost extra $$ wouldnt they? I am pretty new to the whole SSL thing.

Yes they do cost extra, and they're not cheap by any means.

Maybe its not so bad :)

The URL with the username IS the new system. Previously, you were assigned a unique and non-standard port number. I wish they had surveyed users who expressed an interest in SSL to see what solution would work best for the customers.

If they could just incorporate the name of the purchased Domain Name, thats all I would like.

www09.powweb.com/gunloads/ etc etc

People would see the username url and wonder where they are going...

Just like they do the temp URLs for new packages...

http://domaincom.powweb.com

Something along those lines would have definitely gotten my vote...

Never thought of that... That would be perfect.

I vote yes :)

Well, that would require them to keep, potentially, tens of thousand of additional entries in the DNS tables for powweb.com and in the virtual host tables, and I imagine that would have a performance impact. But I agree that something along that line would be nice.

Very true Steve. There still has to be a better solution available.

Tom

Today's deep thought:

Windows 98:
A 32 bit extension of a 16 bit file system for an 8 bit operating system for a 4 bit processor made by a two-bit company that can't stand one-bit of competition.


I almost fell of my chair laughing at that. :D

Originally posted by gunloads.com
I almost fell of my chair laughing at that. :D

:D

I'm an Apple man myself...

the only G4 i want is a graphic card. I am not much of an apple man. I like good games :)