Now I want to move the WHOLE website, over to a SSL directory. I
know that PerlShop3.2 can do just the personal info SSL, that is No
Good. I need the Whole site behind SSL.
Ok, this is what I tryed so-far. I changed the Link on the "Home"
page to point to the SSL directory. Through-out the sites pages, I
changed all necessary links from "HTTP" to HTTPS" Then I went through
PerlShop3.2, the shopping cart script and did the same. Changed all "HTTP" to HTTPS", that where related to "$server_address", "$image_location", and "$cgi_directory".
Also, the followig options are set to "NO",
$use_cgiwrap = 'no'
$use_secure_server = 'no'
So, now that I did all of this(still have orginals), the PerlShop
script fails when I click on the first link to "Enter" the Store.
Displaying the following error;
*******************************************************************
CGIWrap encountered an error while attempting to execute this script:
Error Message: No such file or directory
Error Number: 2
********************************************************************
Does anyone have any Idea what I did wrong, or better yet, What I should
have done in the first place?????
Thanks in advance.
Don Con...
Do you have your own certificate or are you using a shared one provided by your host?
If you don't have your own, I don't think you can use https. If you have your own, you don't necessarily have secure pages, but you have a certificate and anything that comes through https will be secure; anything that comes through http will not. It could be the same pages.
In general, by the way, there's a fair bit of overhead to using secore pages and it would seem that usually you would only want specific pages to be secure.
Tom
If I wanted an entire site to be secure, I would definitely buy a certificate. A shared certificate is okay if you have just a shopping cart page or something. You can have secure pages on a shared cert, but if memory servers, there are some drawbacks.
1. You won't be able to just switch back and forth with http: and https: If you have your own cert, you can simply make a secure connection to any page on the domain by requesting it with the proper method. I don't believe that's possible when you are on a shared certificate.
2. If people look at the security info, they will be buying from www.dConOne.com but the certificate will have been issued to www.123hosting.com. If they have sensitive security settings, this will flag a warning, telling them that there is a problem with the certificate.
Can I make a suggestion? Thawte will provide you with a free, time-limited test certificate. It will flag a warning because the address and so on won't match, but it will allow you to test your setup with a genuine certificate. This will let you bang around for a while and see if you like it. You may also be able to get the same with a Verisign certificate. You can also get a FreeSSL cert for ... yes free, but it is recognized by fewer browsers.
Cheers,
Tom
Have you tried to contact the people who do PerlShop? Are they currently providing any support for it at all, whether free support or for a reasonable charge?
And thanks for the tip Tom, that's good to know about the certificates.
Marcia,
This version of PerlShop 3.2(the one I'm using)is no longer supported, and the company that wrote it, closed shop. (oops)
There is a new company that released a version 4.0, but their
pushing me, to buy the newer version. Which is way more then I need for this site..
Thanks again...
Don
Also, look to Register.com for a certificate.
It is possible to just secure some of your site, but the programming would have to be there to make sure you call the right protocol when you need it.
