I have osCommerce installed into shop.domain.com, and I have a perminent redirect for www.domain.com/shop to go to shop.domain.com.....


BH tech support told me that SSL only works for the main domain, and does not work for subdomain. But Im hearing something different on osCommerce forums. I need some help please.

http://forums.oscommerce.com/index.php?showtopic=248710


So, can I use SSL on shop.domain.com without getting warning error message that certificate is fake. (obviously after I register SSL certificate for www.domain.com)

My understanding is that if you could get a certificate installed for the subdomain that you could set up osC to use it. The issue, I think, is that BH either can't install or chooses not to allow installing SSL certificates for subdomains.

The trouble may lie with the fact that an SSL certificate is tied to a single IP address and you may not be allowed to have multiple certificates with the same IP address.

Yes, thats what they eventually told me on osCommerce forums. So now I have www.domain.com/shop

and subdomain shop.domain.com which is setup to redirect to www.domain.com/shop


So that seems to be working alright, although I need to purchase a certificate. I feel so excided about this whole thing. I'll be the first one in the world to provide quality service and warranty, and offer shopping a dissent shopping system with SSL!!!


What kind of SSL should I get, 256 bit, 128 bit, 64 bit? I'll be having customers from all over the world..

What is a good place to buy cheap certificate?



Another thing, when it goes to secure shopping cart URL looks like this. www.domain.com/~username/shop....... Is it normal to have ~username appended? It seems to work though.

What kind of SSL should I get, 256 bit, 128 bit, 64 bit? I'll be having customers from all over the world. I have customers from all over the world, too. I purchased my certificate through BH. I think that they are a reseller for RapidSSL.

From the perspective of a visitor to your site, unless they get a certificate alert from their browser, most won't be able to distinguish between a cert that costs you $30/year vs. one that costs $300/yr.

Yes, thats what they eventually told me on osCommerce forums. So now I have www.domain.com/shop

and subdomain shop.domain.com which is setup to redirect to www.domain.com/shop


So that seems to be working alright, although I need to purchase a certificate. I feel so excided about this whole thing. I'll be the first one in the world to provide quality service and warranty, and offer shopping a dissent shopping system with SSL!!!


What kind of SSL should I get, 256 bit, 128 bit, 64 bit? I'll be having customers from all over the world..

What is a good place to buy cheap certificate?



Another thing, when it goes to secure shopping cart URL looks like this. www.domain.com/~username/shop....... Is it normal to have ~username appended? It seems to work though.

1. Blue Host is a great place to buy a in expensive certificate.

2. I do not believe what you have is actually a sub domain. As soon as you go to the login part it should start switching to a secure site https://

3. I think the user name in your link might have something to do with your configure.php in catalog/includes/configure.php

Make sure all you settings are correct in there including the name on your certificate. In my case it went from gardensoyvey.com to www.gardensoyvey.com, an important distinction for the certificate warning not to come up. It took me some time to figure that out.

You also will need you passwords you have with Bluehost to your site and to your SQL data base. They need to go at the bottom of the file where I put the xxxx.

I will paste the file for you, you already know about the oscommerce forums.

Wolf

<?php
/*
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com

Copyright (c) 2003 osCommerce

Released under the GNU General Public License
*/

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
define('HTTP_SERVER', 'http://www.yourdomain.com'); // eg, http://localhost - should not be empty for productive servers
define('HTTPS_SERVER', 'https://www.yourdomain.com'); // eg, https://localhost - should not be empty for productive servers
define('ENABLE_SSL', true); // secure webserver for checkout procedure?
define('HTTP_COOKIE_DOMAIN', 'www.yourdomain.com');
define('HTTPS_COOKIE_DOMAIN', 'www.yourdomain.com');
define('HTTP_COOKIE_PATH', '/catalog/');
define('HTTPS_COOKIE_PATH', '/catalog/');
define('DIR_WS_HTTP_CATALOG', '/catalog/');
define('DIR_WS_HTTPS_CATALOG', '/catalog/');
define('DIR_WS_IMAGES', 'images/');
define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
define('DIR_WS_INCLUDES', 'includes/');
define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
define('DIR_FS_CATALOG', '/home/XXXXXX/public_html/catalog');
define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

// define our database connection
define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers
define('DB_SERVER_USERNAME', 'XXXXXXX');
define('DB_SERVER_PASSWORD', 'XXXXXXXi');
define('DB_DATABASE', 'XXXXXXX');
define('USE_PCONNECT', 'false'); // use persistent connections?
define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'
?>

you can't add a ssl onto a subdomain in Bluehost. If it's your main WWW. for your account then you can but if it's an addon domain no can do..... I actually had my server reset, made all the backups and then had to restart over with all my backups. From there I bought a BH CERT and things were smooth as.

If you look in my previous post from my profile you can see how I did it.

Take care and good luck,

Nigel