HomeHome Product Discus... Product Discus...SmithCartSmithCartSetting up SSL in Smith CartSetting up SSL in Smith Cart
Previous
 
Next
New Post
6/6/2011 9:18 AM
 

I would like to add SSL encryption to my Smith Cart check out process.  DNN allows you to set it up on your portal so that SSL encryption can be enabled on a per page basis.  This seems like what I need.  On which pages do I need to enable SSL for a Smith Cart transaction to be fully protected?  Is it the "Store" page that shows the categories?  Is it the "Product Details" page that shows the product's details?

When a user clicks the Check Out button and starts the check out process, this is when encryption should be enabled, right?  But which of the site's pages are used for check out?

Thanks.

 

 

 
New Post
6/6/2011 12:23 PM
 

Please see the following "How To" post on how to enable SSL for the Smith Cart checkout pages:

http://www.smith-consulting.com/Forum...

 

-Scott


Scott Kelly
Project Manager
DotNetNuke Consulting, DotNetNuke Store and DNN Ecommerce
 
New Post
6/8/2011 4:19 PM
 

Thank for your help.  I have followed those instructions and seem to have some wierd problems as a result.

My site is hosted at 3Essentials.  I set up a Shared SSL solution there, so I had to fill in the "SSL URL" field and "Standard URL" field in the Site Settings page.

If I do not check the "SSL Enforced" box, ALL the pages on the site go through SSL, even the ones for which I do not set the "Secure" box.

If I do check the "SSL Enforced" box, then only the pages on which I check the "Secure" box go through SSL, but I get a some new problems when I'm logged in to the superuser (Host) account:

1.  Whenever I try to go to the Host page, I am redirected to the Home page - wierd.

2. When I go to the one page on which I have checked the "Secure" box, none of the admin features are available.  No module setting link, no admin control panel at the top, nothing.

3. None of the images on the secured page are displayed.

Any clue what's going on?

Thanks.

 
New Post
6/9/2011 12:15 PM
 

This may be irrelevant, but I recently obtained an SSL Certificate at PowerDNN. Before that, I was on a shared IP address. They told me I needed a dedicated IP address in order to implement the SSL Certificate.

So we switched from shared IP to dedicated IP, and it appears to be working.

I speculate that this is necessary because the SSL Certificate is tied (I think) to the IP address. If more than one domain share an IP address, it would be possible for a second rogue domain, for example spammers, to "ride on the coattails" of the first (legitimate) domain, impersonate them and redirect visitors to Web pages that maskerade as being secure.

This is confirmed here: http://www.smallbusinesshoster.com/do...

 
New Post
6/25/2011 1:51 PM
 
Here's an update...

I have abandoned my attempts to use the DNN implementation of SSL security. The secured pages must be rerouted through a https path (as opposed to non-secure http path). DNN wants to set up aliases for the re-routing.

Anyway, none of it worked. The alias engines is a big disappointment and it appears to be central to DNN SSL implementation.

Muddying the waters more is the fact that I'm trying to use a Shared SSL certificate.

I have purchased and installed a module called SSLRedirect: http://www.snowcovered.com/Snowcovered2/Default.aspx?tabid=242&PackageID=4103

After some configuration issues that arose because I'm using a Shared SSL certificate, the SSLRedirect module is working great for me.

The only problem I now have is that the yellow banner that you get when you don't have a license for the Smith Cart is getting displayed. Even though I have a license, and the license files are in the root location as they are supposed to be, that yellow banner that says I don't have a license is still being displayed.

I have a post in another thread here for the yellow banner issue. Since I installed and configured the SSLRedirect module, the Smith Cart page on my site is now secured as I wanted it to be. So the issue this thread is tracking has been resolved.

 
New Post
6/25/2011 8:55 PM
 

Hi Glen,
Not sure I follow all the hoops you had to jump thru to get ssl installed on your site but installing an ssl cert is typically a pretty easy and straightforward process even on a dnn site. If the reason you had to install the redirect module is because of the shared ip/ssl, you might want to think about upgrading your hosting to a dedicated ip which is only about an extra $10 probably a wash moneywise since you had to buy another module to get around the limitations of your hosting. The SmithCart licensing dll validates your domain name in the url to determine if to display the license message or not. Can you confirm if the domain that you requested the license for matches the domain name you are currently using. if the domain that you requested the license for matches the domain name you are currently using then the reason that the license message is still displayed is most likely caused by the http redirecting the new redirect module is doing possibly causing the cart not to be able to determine the domain in the url.


Scott Kelly
Project Manager
DotNetNuke Consulting, DotNetNuke Store and DNN Ecommerce
 
New Post
6/27/2011 6:27 AM
 

Thanks Scott.  Your post has helped me understand better what is going on.  I think you are on the right track as to why the yellow banner is being displayed.  As you suggest, I think is has to do with the redirect.

I purchased the Smith Cart license for the domain hideaboard.com.  However, in order to use the Shared SSL certificate at 3Essentials (the hosting company I am using), calls must be rerounted through https://ssl26.3essentials.com/hideabo...... 

where "hideaboard_secure" is a virtual directory that I set up according to instructions from 3essentials.

Perhaps if that domain path (including the "hideaboard_secure" virtual directory) were contained in the license, the yellow banner would not be displayed.  That appears to be the last piece of this puzzle.

Thank you very much for your point about the dedicated IP and it's price vs purchasing the SSLRedirect module.  It does appear to be an affordable monthly fee ($2.95 per month at 3essentials) to get a dedicated IP.  However, annually that comes to about $35.  And, if I understand it correctly, even with a dedicated IP, I would still have to reroute through 3Essentails's path to use their Shared SSL certificate.  And that puts me right back where I am now.

Am I correct that it would take both a dedicated IP and a dedicated SSL certificate?  The SSL certificate is $60 per year at 3essentials.  For both the dedicated IP and the dedicated SSL, the total cost comes to about $95 per year.  My customer is really pushing back on me against that added costs of doing a dedicated IP and SSL certificate. If I go the dedicated IP/SSL route to solve this problem, I am probably going to have to eat the added costs. And I just don't have that much room in the annual hosting fees I'm getting.

Anyway, those are business issues.  From a technical standpoint, if my understanding is right, I could use the Shared SSL option if the path through 3essentials's Shared SSL (including my "hideaboard_secure" virtual directory) were in the license.

Do you know what would it take to include the path through the 3essentials Shared SSL, including my "hideaboard_secure" virtual directory, into the license?  If that path were in the license, I'm thinking it would all work.

Thanks.

 
New Post
7/6/2011 4:12 PM
 
Hi Glenn,
I went to your site https://ssl26.3essentials.com/hideaboard_secure/ReplacementCovers.aspx and it doesnt load in ie or chrome. It looks like you have some hosting issues that need to be resolved. I recommend purchasing the dedicated ip so you can install a normal ssl cert instead of the shared ssl.

Scott Kelly
Project Manager
DotNetNuke Consulting, DotNetNuke Store and DNN Ecommerce
 
Previous
 
Next
HomeHome Product Discus... Product Discus...SmithCartSmithCartSetting up SSL in Smith CartSetting up SSL in Smith Cart