Potential SSL issue

Greetings,

Not sure if this is an issue or not.

I have different URLs for my SSL processing.

For example:
HTTP = www.shop1.com
HTTPS = secure.mysite.com

When I navigate the shop without being logged in, I can add items to basket etc.. however as soon as I login to checkout, the items in my basket are lost. I can add more items, but when I click 'Checkout' this takes me to the account/account page.

So what Im guessing is that as soon as I go into the HTTPS url, the cart and customer_id details are lost, and it expects that the customer is not logged in, redirects them to login page but because Im logged in takes me to the account/account page.

Any feedback appreciated.

Thanks,
Campbell

Shared SSL is not supported at this time

So I need to have:

HTTP = www.shop1.com
HTTPS = www.shop1.com

And a SSL cert setup for shop1.com

it depends on how the cookies are setup. i'm sure i set it to work with different sub domains. you mikght need to play around with the session settings in your php.ini

Hi campbellmac,

I have just discovered the same problem with a shared ssl.

Have you had any luck fixing it? I am leaving it until tomorrow for now but up until reading this post just now I thought it was just me. (I presumed I had caused a javascript conflict - as I did not notice when I first switched on the ssl, but it is the ssl causing it, you are right).

Paul.

PS My php.ini file

magic_quotes_gpc = Off;
register_globals = Off;
default_charset = UTF-8;
safe_mode = Off;
mysql.connect_timeout = 20;

Look at:

http://uk.php.net/manual/en/function.se ... params.php

find:

Cookie domain, for example 'www.php.net'. To make cookies visible on all subdomains then the domain must be prefixed with a dot like '.php.net'.

now goto your php.ini and put:

session.cookie_domain = .yourdomain.com;

except most sharedssl don't share a domain.

Usually its like:

Thanks for the pointers Daniel, much appreciated, thankyou.

I was just reading and trying out variations to see if I could get that to work but on a different url as Qphoria quite rightly describes. My host (heart internet) does this,

Domain
http://www.ceramiccookware.co.uk (/index.php to see shop, left index.html holding page there for now)
Shared secure domain
https://web103.secure-secure.co.uk/cera ... ware.co.uk (because I am on server 103 I presume).

I am still researching on php.net although I have always avoided using cookies as I find it very complicated (probably have some real basics missing in my knowledge - which is all self taught on a read it, learn it, try it sort of routine.) I tried to build a browser based application once but gave up when I realised how small
cookies had to be. (The idea was to store all the app data in the cookie - I am such an idiot sometimes :-)

If anyone has any ideas it would be most appreciated, in the meantime I shall keep on trying. Will post any progress I make.

Paul.

PS First I am going to reinstall the default template just to make sure it is none of the os javascript bits I have added conflicting with each other. I will be more careful not to overwrite it this time. Even sticking to jquery framework only (1.2.3 from memory) it is amazing how many things wont work together, although I love jquery in comparison to other libraries I have tried (oops, right off topic as usual...) .

You don't really need a cookie. You just need to pass the session vars between domains. Google "passing session between domains"

Well Ive been trying to get this to work for over an hour now and am admitting defeat and asking for help.

OK so I am on a shared host but have a dedicated IP and SSL. So i have a root domain (with SSL) and subdomains (sharing root domains SSL).

So i need to pass the session data from http://www.myshop.com to https://rootdomain.com/myshop/

I have in the root domain php.ini and I have in the myshop php.ini

This isnt working so presume it isnt right, Ive also tried in the myshop php.ini

Can anyone help me? >:(