SME Server 7.3 - OSCommerce Install Instructions

Download and Install SME Server 7.3

Log into http://<server-ip>/server-manager and configure your server to your required specifications.

Before OsCommerce Installation Run these commands on SME Server :
(this allows register globals to be on for various contribs that you may find with OsCommerce as well as all checkmarks green during the OsCommerce installation.)

/sbin/e-smith/db accounts setprop Primary AllowOverride All
/sbin/e-smith/signal-event ibay-modify Primary

Alter your .htaccess in the main OsComm catalog directory.
uncomment php_value session.use_trans_sid 0
uncomment php_value register_globals 1


Download and install PHPMyAdmin:

yum localinstall ./smeserver-phpmyadmin-2.11.1.2-0.dmay.noarch.rpm

Install OsCommerce (follow OsCommerce provided installation instructions)

Copy all files in catalog to /home/e-smith/files/ibays/Primary/html/

Create your MySQL database:
(I do this via command line. I find it easier.)

mysql_setpermission
option 2
option 7

Run OsCommerce installation

http://<server-ip>/

________________________________________________________________________________
_________________________________________________________

Set up SSL Certificates

1. Make the CSR
Code:

openssl req -new -nodes -keyout newserver.key -out newserver.csr

Country Name (2 letter code) [AU]: CA
State or Province Name (full name) [Some-State]: British Columbia
Locality Name (eg, city) []: Surrey
Organization Name (eg, company) [Internet Widgits Pty Ltd]: MyCompany Ltd
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []: www.yourdomain.com
Email Address []: email@yourdomain.com
A challenge password []:
An optional company name []:

NOTE: (Updated Sept 8th)The Common Name that you enter can't contain an asterisk eg *.yourdomain.com unless you are buying a 'Wildcard' certificate (much more expensive). I am using osCommerce software that forces people to use 'www.' but if your site doesn't do that, you may want both https://yourdomain.com and https://www.yourdomain.com to work, or if you need https://something.yourdomain.com to work then you need a 'Wildcard' SSL certificate.

2. Submit the CSR to godaddy.com
Code:

pico newserver.csr


(and select and paste the whole thing into the form on their website)

3. After you get an email back with your certificate and another file called gd_intermediate_bundle.crt
*** Backup the files you change if you want to ***
a. Copy the text from the certificate you just got into:

/etc/httpd/conf/ssl.crt/server.crt
and
/home/e-smith/ssl.crt/<your.server>.com.crt (double check what your file is named)

b. Copy the newserver.key file to replace the old server.key
Code:

cp newserver.key /etc/httpd/conf/ssl.key/server.key
cp newserver.key /home/e-smith/ssl.key/<your.server>.com.key

(double check what your file is named)

4. The chained SSL part:
Copy the gd_intermediate_bundle.crt file you got by email (the chained ssl certificate) to /etc/httpd/conf/

Code:

cp gd_intermediate_bundle.crt /etc/httpd/conf/

Code:

mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
pico /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/35SSL10SSLD



Add in a this single line of text to that file:
Quote
SSLCACertificateFile /etc/httpd/conf/gd_intermediate_bundle.crt


5. Security / Restarting
(Updated Sept 8th)Ownership/Security of the crt and key files
Code:

chown root.root /etc/httpd/conf/ssl.key/server.key;
chown root.root /etc/httpd/conf/ssl.crt/server.crt;
chown root.root /home/e-smith/ssl.key/<your.server>.com.key;
chown root.root /home/e-smith/ssl.crt/<your.server>.com.crt;
chown root.root /etc/httpd/conf/gd_intermediate_bundle.crt;
chmod 400 /etc/httpd/conf/ssl.key/server.key;
chmod 644 /etc/httpd/conf/ssl.crt/server.crt;
chmod 400 /home/e-smith/ssl.key/<your.server>.com.key;
chmod 644 /home/e-smith/ssl.crt/<your.server>.com.crt;
chmod 644 /etc/httpd/conf/gd_intermediate_bundle.crt;
/sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf;
/etc/init.d/httpd-e-smith restart;
service httpd-admin restart;

/sbin/e-smith/config setprop modSSL crt /home/e-smith/ssl.crt/<your.server>.com.crt;
/sbin/e-smith/config setprop modSSL key /home/e-smith/ssl.key/<your.server>.com.key;
/sbin/e-smith/config setprop modSSL CertificateChainFile /etc/httpd/conf/gd_intermediate_bundle.crt;
/sbin/e-smith/signal-event console-save;
/sbin/e-smith/signal-event post-upgrade;
/sbin/e-smith/signal-event reboot;


6. Alter your config files. All you need to do now is to alter your configure.php files. They're located in (path to catalog)/includes/configure.php, and (path to catalog)/admin/includes/configure.php. OSC is designed to protect the pages that require data encryption, and altering your config files will do this for you. These pages include login, create_account, checkout, etc,. and any other pages that require data-input by the end-user.

7. In includes/configure.php, set the SSL to "true"; it should look something like this near the top, if you assigned the SSL to www.yoursite.com:
define('HTTP_SERVER', 'http://www.yoursite.com');
define('HTTPS_SERVER', 'https://www.yoursite.com');
define('ENABLE_SSL', true); // secure webserver for checkout procedure?
define('HTTP_COOKIE_DOMAIN', '.yoursite.com');
define('HTTPS_COOKIE_DOMAIN', '.yoursite.com');

8. In admin/includes/configure.php, set the SSL to "true" and add an "s" after all the http's. So it'll look something like this, if assigned to www.yoursite.com:
define('HTTP_SERVER', 'https://www.yoursite.com/');
define('HTTP_CATALOG_SERVER', 'https://www.yoursite.com/');
define('HTTPS_CATALOG_SERVER', 'https://www.yoursite.com/');
define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

9. Save and upload your configure.php files to their appropriate directories, perhaps using your FTP tool, or other upload tool of choice, and your SSL should be running smoothly and efficiently.


I hope this helps and if there are any suggestions to comments to my methods they are greatly welcome. Please forgive any typos, I have proof read these instructions a few times and I dont belive there are any but no one is is Seven of Nine (HOT HOT HOT !!!)

I dont not take credit for all of this post as I have borrowed various post clips to make this work the way I need it to, I want to thank all of you for your great efforts in providing an excellent forums. I couldent have done it without you !!!!!
arrow
arrow
    全站熱搜

    安德森 發表在 痞客邦 留言(0) 人氣()