I.E.6 possible bug and SSL configuration?? HELP!!! ARGHH!

[marastafat]

Righ now I hope you are all sitting comfortably as I have quite a few questions / comments / possible issues to raise.

Firstlt let me describe the set up:

I have OSC MAX 2.2 (fresh download from OSCommerce.org) sitting on a Linux / Debian server running Apache, PHP, MySQL and a purchased SSL certificate from Comodo which runs at https://secure.firefly-it.com/anyfolder/) I have two identical (apart from the CSS) versions of the OSCommerce software sitting on the server one at http://www.firefly-it.com/catalog/ the other (so that links will work between them) sitting in https://secure.firefly-it.com/catalog/)

Now the questions / problems.

1) When clicking on checkout or MyAccount using I.E 6 the hyperlink references from http to https. Now in all browsers (I think) except for I.E.6 the transition seems to be fine. But in I.E.6.... 4 out of 5 times we get a page cannot be displayed error! So weired on the 5th (sometimes the 4th or 3rd depending on the weather) time it will work!!! I have all SP and patches installed

2) When going from HTTP to HTTPS the contents of the shopping cart disapears. Now I have read pretty much all the prior strings related to this and fiddled with various different setups but no previously suggested solution has fixed the problem. My /includes/configure.php is below folowed by the /admin/includes/configure.php under that.

These are my admin settings

Session Directory /tmp
Force Cookie Use False
Check SSL Session ID False
Check User Agent False
Check IP Address False
Prevent Spider Sessions True
Recreate Session True

includes/configure.php

define('HTTP_SERVER', 'http://www.firefly-it.com'); // eg, http://localhost - should not be empty for productive servers
define('HTTPS_SERVER', 'https://secure.firefly-it.com'); // eg, https://localhost - should not be empty for productive servers
define('ENABLE_SSL', true); // secure webserver for checkout procedure?
define('HTTP_COOKIE_DOMAIN', 'www.firefly-it.com');
define('HTTPS_COOKIE_DOMAIN', 'www.firefly-it.com');
define('HTTP_COOKIE_PATH', '/catalog/');
define('HTTPS_COOKIE_PATH', '/catalog/');
define('DIR_WS_HTTP_CATALOG', '/catalog/');
define('DIR_WS_HTTPS_CATALOG', '/catalog/');
define('DIR_WS_IMAGES', 'images/');
define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
define('DIR_WS_INCLUDES', 'includes/');
define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
define('DIR_FS_CATALOG', '/home/firefly/www/www.firefly-it.com/catalog/');
define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

// define our database connection
define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers
define('DB_SERVER_USERNAME', 'firefly_shop');
define('DB_SERVER_PASSWORD', 'firefly_shop');
define('DB_DATABASE', 'firefly_shop');
define('USE_PCONNECT', 'false'); // use persistent connections?
define('STORE_SESSIONS', ''); // leave empty '' for default handler or set to 'mysql'

// STS: ADD: Define Simple Template System files
define('STS_START_CAPTURE', DIR_WS_INCLUDES . 'sts_start_capture.php');
define('STS_STOP_CAPTURE', DIR_WS_INCLUDES . 'sts_stop_capture.php');
define('STS_RESTART_CAPTURE', DIR_WS_INCLUDES . 'sts_restart_capture.php');
define('STS_TEMPLATE', DIR_WS_INCLUDES . 'sts_template.html');
define('STS_DISPLAY_OUTPUT', DIR_WS_INCLUDES . 'sts_display_output.php');
define('STS_USER_CODE', DIR_WS_INCLUDES . 'mysql');
// STS: EOADD

/admin/includes/configure.php

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
define('HTTP_SERVER', 'http://www.firefly-it.com'); // eg, http://localhost - should not be empty for productive servers
define('HTTP_CATALOG_SERVER', 'http://www.firefly-it.com');
define('HTTPS_CATALOG_SERVER', 'https://secure.firefly-it.com');
define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module
define('DIR_FS_DOCUMENT_ROOT', '/home/firefly/www/www.firefly-it.com/catalog/'); // where the pages are located on the server
define('DIR_WS_ADMIN', '/catalog/admin/'); // absolute path required
define('DIR_FS_ADMIN', '/home/firefly/www/www.firefly-it.com/catalog/admin/'); // absolute pate required
define('DIR_WS_CATALOG', '/catalog/'); // absolute path required
define('DIR_FS_CATALOG', '/home/firefly/www/www.firefly-it.com/catalog/'); // absolute path required
define('DIR_WS_IMAGES', 'images/');
define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');
define('DIR_WS_INCLUDES', 'includes/');
define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');
define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');
define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');
define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');
define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

// define our database connection
define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers
define('DB_SERVER_USERNAME', 'firefly_shop');
define('DB_SERVER_PASSWORD', 'firefly_shop');
define('DB_DATABASE', 'firefly_shop');
define('USE_PCONNECT', 'false'); // use persisstent connections?
define('STORE_SESSIONS', ''); // leave empty '' for default handler or set to 'mysql'
?>

Any help / advice or wizdom would be sooo appreciated as this problem does not seem to be going away. If you need any more info let me know.

Also I accidently changed the last directive in the includes/cinfigure.php file to mySQL. As you can see this is obviously wrong, opps forgot to take a backup... silly me. Does anyone know which file it should be referencing?

Thanks so much for any help!!!

Allan Stewart

P.s. I have tried the last directive in the admin/includes/configure.php to point to mysql also to no avail -- Just incase you were wondering why it is now showing as black i.e. file based

[Gina]

I was facing a similar problem with IE 6 browsers about 2 weeks ago. Check your certificate authority expiration date. IE 6 recently made some browser updates that involve SSL.

We were using a Verisign Server certificate. Verisign's original Certificate Authority expired Around January 4, 2004. 30 days later we were having the problems that you are describing. After a weeks worth of testing, we found that IE 6 was not reading the intermediate.crt file from our linux server which shows the certificate authority certificate expiring in 2011. Anyway I called Verisign and they gave me a link so that a customer could go to their site and update their browser. It was a problem that Verisign knew about. We found the problem because some of our Network Technicians were checking to see what information different browsers were logging when they accessed our site.

You may want to check with the issuer of your SSL certificate. They may have a similar issue with their certificates. We didn't want to have our customers to have to manually update their browser. We purchased and installed a geotrust certificate and the problem went away.

It took us a week to find this problem. Hopefully this helps.