Our site www.viart.com site is operated by latest Viart Shop 5 with default Clear design
ViArt User's Guide (Version 3.6)
Please, see the list of all new features and fixed bugs that were made to all ViArt PHP Shopping Cart releases from version 2.1.1 up to the latest 3.5 version.
16.3. SSL: How to set it up
16.3. SSL: How to set it up
Prev Index Next

This tutorial covers the following sections:

Back to top

Overview

If you own an ecommerce site you will definitely wish to protect information passed to and from a web site using secure HTTP connections or SSL (also known as Secure Socket Layer). ViArt shop can run under https encrypted protocol which allows you to securely work with sensitive data such as credit card numbers, users private information, etc.

For encryption usually the certificate and private key is needed, sometimes the public key is necessary too, but the first two should be enough in most cases. The configuration of the web-server allows to divide the root directory on 2 protocols - http and https. Usually the folder for HTTP called public_html (in terminology of the apache web-server it's called DocumentRoot for the server or the virtual host) and for HTTPS - secure_html. Please, use the below instructions for setting an SSL in your ViArt store.

Back to top

Setting up your ViArt Shop with SSL

To setup a secure connection in your store, please follow the below steps:

1. Purchase a private (dedicated) SSL certificate from appropriate SSL Certificate Authorities or the CAs. A Certificate Authority is an organization that issues certificates to companies that wish to proove their identity. The CA asks the certificate requester to provide information about itself and then gives back an SSL certificate.

2. Contact your hosting provider and ask them to setup your SSL certificate and make appropriate configurations on your server.

3. Once a certificate is installed on your server navigate to Administration > System > Global Settings, scroll down to Secure Site Settings to select which pages you want to appear as https:



where

Secure Site URL is the https URL as specified in your SSL certificate. Note: your https URL should be the same as your site URL, i.e if your site URL is http://www.yoursite.com a secure URL should be https://www.yoursite.com.

User SSL - enable pages of your frontend you want to access via secure connection.

Administrator SSL - select pages where you want to use https connection within your Admin interface./p>

Redirect to SSL - if enabled then all http pages in the frontend (except for the basket page) will be switched to https connection. The basket page is not included as it is not considered a security risk as it only lists products.

4. Once the ssl options are enabled scroll to the bottom of the Global Settings page and click on the "Update" button to save the changes. Now you have an SSL set up on your site and all that remains is to verify that it works properly. Make a test purchase and if http is changed to https on the pages you enabled (in the browser's bar) then your SSL is configured correctly. If, on the other hand you get any warning messages or other errors please contact your hosting company to resolve the issue.

Back to top

Configuring SSL on ViArt hosted sites

To enable https on your ViArt hosted site please ensure that secure and non secure domains are the same, like:

http://www.yoursite.com/

and

https://www.yoursite.com/

At present, all ViArt hosting plans come with the shared SSL certificate and a secure URL, like, https://hosting.viart.com/~your domain/. Hence, to enable SSL work correctly you'll have to specify a domain: https://hosting.viart.com/~.../ as a Site URL.

If you are interested in your own secure certificate and secure URL, like: https://www.yoursite.com/ please purchase a private (dedicated) SSL certificate from appropriate SSL Certificate Authorities and send a query to support@viart.com answering the below questions:

  • 1. Country Name (2 letter code) (eg [AU]).
  • 2. State or Province Name (full name) (eg, [Some-State]).
  • 3. Locality Name (eg, city).
  • 4. Organization Name (eg, company - [Internet Widgits Pty Ltd]).
  • 5. Organizational Unit Name (eg, section - [Administration]).
  • 6. Common Name (eg, YOUR name - [www.domain.com]).
  • 7. Email Address (eg, [webmaster@domain.com]).

Once received your query, we'll create a CSR (Certificate Signing Request) for your SSL certificate and we'll send it to you back. This CSR is to be sent to the Certificate Authority and they issue an SSL certificate. Then please send this certificate to us and we’ll setup it for your domain name and notify you once it is ready.

Back to top

Frequently asked questions

Can I use a shared SSL certificate with ViArt Shop

You can use a shared SSL certificate for the payment details page only. For all other pages you will need a private SSL certificate.

I'm getting an error in IE: 'This page contains both secure and nonsecure items' although my SSL is set up

The site may display secure and non secure items error in IE if you use some non-secure content, i.e images. In order for the page to be considered safe, all the data including images, pages, etc need to be on the secured site. If you want that all content is to be secured, you should copy the images folder to https folder or use https links for images or other non-secure content.

Also, please ensure that your site does not have links with the tag 'src="http". SSL certificate always gives this error if the tag contains the field "src" with some content via http. So, it is advisable to either use relative path to your images and scripts, like: src=/images/... or use src="https://

How to disable the HTTPS access to your Admin panel

To disable an https access to your admin panel please use the below query:

update va_global_settings set setting_value='0' where setting_name='secure_admin_login' and setting_type='global';

Prev Index Next