PDA

View Full Version : [Catalog Issue] One Page Checkout throwing errors following SSL install.



serrano88
08-07-2011, 03:44 PM
I installed SSL this weekend and am now having some trouble with single page checkout module. Fortunately this is the only problem I am having following the install.

After I add products to the shopping cart and go to checkout, I receive the following error messages as One Page Checkout loads:


There was an error updating payment methods, please inform Store about this error.
There was an error updating shipping methods...
There was an error refreshing the final products listing...
There was an error refreshing the shopping cart...
There was an error setting payment method...

I have altered the configure.php files according to the wiki:

catalog/includes/configure.php
define('HTTP_SERVER', 'http://store.mysitecom');
define('HTTPS_SERVER', 'https://www.store.mysite.com');
define('ENABLE_SSL', 'true');
define('HTTP_COOKIE_DOMAIN', 'store.mysite.com');
define('HTTPS_COOKIE_DOMAIN', 'https://www.store.mysite.com');

admin/includes/configure.php
define('HTTP_SERVER', 'http://store.mysite.com');
define('HTTP_CATALOG_SERVER', 'http://store.mysite.com');
define('HTTPS_CATALOG_SERVER', 'https://www.store.mysite.com');
define('ENABLE_SSL_CATALOG', 'true');


I only have checkout problems with One Page Checkout. When I disable it and go with the old school checkout, everything processes just fine. Am I overlooking something?

Thank you for your help!

serrano88
08-12-2011, 05:28 AM
Has anyone else experienced this problem? Does anyone have suggestions? I can't find anything in the forum about One Page Checkout generating these errors when SSL is installed.

michael_s
08-12-2011, 08:52 AM
This is wrong:

define('HTTPS_COOKIE_DOMAIN', 'https://www.store.mysite.com');

It should just be the domain:


define('HTTPS_COOKIE_DOMAIN', 'store.mysite.com');

serrano88
08-12-2011, 09:58 AM
Thank you for your reply Michael. Unfortunately updating the secure cookie domain didn't resolve the issue. I am using version 2.5 RC1, are there any One Page Checkout updates I might be missing?

michael_s
08-12-2011, 10:06 AM
Are you using a custom template? If so, switch back to the unmodified fallback template and test.

serrano88
08-12-2011, 10:23 AM
Switched to unmodified Fallback template, and received the same errors.

michael_s
08-12-2011, 11:46 AM
You may have a failed FTP upload. Try uploading the osCmax core files again.

What payment/shipping modules are you using? Are they all standard osCmax modules or have you added any new ones? If so, disable the new modules.

serrano88
08-12-2011, 12:46 PM
Reloaded core files in DEV, pointed production SSL domain to DEV and received the same errors.

I'm using the stock paypal IPN module, and per item shipping. No modifications.

I wonder if the problem may be my IPN settings. I read some post that it's not necessary to enter any info in these fields, so I left them blank. Everything works fine in the standard checkout process with SSL, I only get the errors in One Page Checkout.

My hosting company (1&1) installed the SSL certificates, so I'm not sure what the paths are to these items. Are these fields necessary in the PayPal IPN module, and could this be causing the problem with OnePage Checkout?

Your Private Key
The location of your Private Key to use for signing the data. (*.pem)


Your Public Certificate
The location of your Public Certificate to use for signing the data. (*.pem)


PayPals Public Certificate
The location of the PayPal Public Certificate for encrypting the data.


Your PayPal Public Certificate ID
The Certificate ID to use from your PayPal Encrypted Payment Settings Profile.

michael_s
08-12-2011, 12:55 PM
Could be a problem with your host. It is most likely something specific to your environment, as in all my months of testing one page checkout on about a dozen different server configurations, I have never run into this problem. I doubt this is an issue with paypal IPN. To test, disable the IPN module and enable the test credit card module and see if it works.

All the private key stuff with IPN is optional. Leave it blank as it is not needed.

serrano88
08-12-2011, 01:11 PM
Thank you for your time. Yes, all signs point to an environmental conflict. At least I can narrow down my search a bit. Will re-post if I have relevant questions, or when I find the solution.

Thanks again!

ridexbuilder
08-12-2011, 01:20 PM
A quick Google suggests quite a few people experience SSL issues with 1&1 hosting along with osCommerce, though some so-called solutions are blatantly wrong - SSL the whole store. :no:

serrano88
08-12-2011, 01:25 PM
Fortunately I read a post stating that OscMax only utilizes SSL on the appropriate pages.

ridexbuilder
08-12-2011, 01:39 PM
Fortunately I read a post stating that OscMax only utilizes SSL on the appropriate pages.
IF the configure.php files are set correctly.

serrano88
08-12-2011, 06:01 PM
Thanks for the tips. Came across this article which explains how to resolve common 1&1 OSCommerce issues with shared and dedicated SSL.

osCommerce: 1and1 SSL Fix (http://www.oscommerce.com/community/contributions,3289)

I resolved the problem by altering the following files:


includes/application_top.php
// set the type of request (secure or not)
$request_type = (isset($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS']) == 'on')) ? 'SSL' : 'NONSSL';

changed to

// set the type of request (secure or not)
$request_type = (isset($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS']) == '1')) ? 'SSL' : 'NONSSL';


includes/functions/general.php
if ( (ENABLE_SSL == true) && (getenv('HTTPS') == 'on') ) { // We are loading an SSL page

change to

if ( (ENABLE_SSL == true) && (getenv('HTTPS') == '1') ) { // We are loading an SSL page


SSL works like a charm now. Thanks for your help!

ridexbuilder
08-13-2011, 12:23 AM
You sifted through the chaff and found it. :yes:

pgmarshall
08-14-2011, 10:42 AM
Perhaps we should add an OR to the statement to check for ($_SERVER['HTTPS']) == 'on' || $_SERVER['HTTPS']) == '1').

Post in bugtracker if people think it would be a good idea.

Regards,

ridexbuilder
08-14-2011, 10:56 AM
Sounds like a plan. :)