SSL How To?

I was hoping someone would be able to tell me exactly what steps I would take to make the form page I created in Joomla using Chronoforms an ssl page.

I have bought the certificates and have had the ssl generated by my host provider.

What pages exactly and what should be the appropriate process to place them inside the secure folder?

Thank you in advance for your help.

ST

Hi,

At too many cases you can switch to SSL by only making the page URL start with https and not http, you don't have to put any files under the private folder unless your host forces this and this will be very odd, you may have to put all your site under private folder!!

so, at the menu item for chronofoms, make the URL start with https, thats all!!

Cheers

Max

Ok I went to the menu item, and in the "Edit menu item: Link URL"

under link I changed the http: to https:

I had an error code.. -12263

i left it there so you may check.
Hoping maybe you knwo why it isnt working???

Thank you again for your help🙂<br><br>Post edited by: stormtracker, at: 2007/12/06 07:58

Hi StormTracker,

Sorry, I don't know anything about SSL. You'll find the error message here but not how to fix it😟

Bob<br><br>Post edited by: GreyHead, at: 2007/11/10 13:21

Help us Obi One Kenobi your our only hope! lol

Thank you Greyhead for the follow up.

It is of great importance I finish this project this weekend. Is it possible Max may know? Or would you have any idea of where I should look for the answer if not? Thank you guys again for your help.🙂

Hi,

Searching the error message text I got those :

http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:49925

http://boards.fool.co.uk/Message.asp?mid=10354751&sort=whole

Hope they may help however I think your host admin should do something since all your website can not be accessed through https and not only the form page, ask them to have your website homepage accessible through https🙂

Cheers

Max

What version of Joomla! are you using? I know in 1.5 you can apply SSL to menu items and enable it there. Let's say the contact link is in your main menu.

Go to Menu > Main Menu and then click on "Contact" or whatever the menu link is for the contact page you are talking about. On the right side, click on "Parameters - System." You should see an option that says "SSL enabled" with three options: Off, Ignore, and On. Click "On" and then Save.

See if that works.

In Joomla 1.0.x, it is impossible to have specific pages FORCED as SSL, no matter what you have read or heard.

It does not work properly... you will ALWAYS get warnings (broken lock icon) about secure and unsecure items on an SSL https:// page.

The only way to ensure security (force SSH on secure pages) and to eliminate warnings is to set $mosConfig_live_site = 'https://www.yourdomain.com'; in configuration.php

PLEASE SOMEONE CORRECT ME IF I AM MISTAKEN

I have several sites under development that require secure forms (reservation forms, rental applications, etc.)... however I have YET to find a satisfactory solution.

I am going to test STATIC HTML pages copied from the generated HTML. The annoying part is changing all other links to http:// and changing all linked assets (CSS, images, js, etc.) to https://

The next annoying part is to see if the static HTML pages interfere with the SEO URLs they replace. :pinch:<br><br>Post edited by: PlayGod, at: 2008/02/06 18:29

Hi,

No, You can have Full HTTPS for some pages, assuming you need all ChronoForms pages with SSL you will have to do this :

at the template file index.php, go to the top of the file after the first line and add this code :

if($option == 'com_chronocontact'){
$mosConfig_live_site = 'https://www.yourdomain.com';
}else{
$mosConfig_live_site = 'http://www.yourdomain.com';
}

Cheers,

Max<br><br>Post edited by: GreyHead, at: 2008/02/06 19:43

Thank you very much, I think this is going to work for me. I very much appreciate your assistance and I will be uploading some very useful forms very soon!

OK, with the help of GreyHead's plugin for sh404SEF (slightly modified), I have the URL working correctly, and the pages are not giving secure/unsecure warnings.

However, the URLs are still accessible via normal http://

Is there a way to force those particular pages to ALWAYS use SSL?

e.g.

http://www.southeasternexpeditions.com/Reservations.html

should always be

https://www.southeasternexpeditions.com/Reservations.html

Hi PlayGod,

Just a thought - could you use sh404SEF to force a re-write to https?

Bob

Bob, I thought to enter the entire URL into a custom redirect, but this is not possible... only relative URLs supported.

There is a feature to force non-SEF on https, but this is not appropriate. I haven't found any other "button click" feature in sh404SEF to force SSL. You would think the template index hack (above) would do the trick, but NO.

Maybe I can look at hacking your plugin more to make the full URL. That could be possible and I will try tomorrow. Because all forms on this particular site need SSL, there may be some way to do it via the plugin. I will talk to my programmer compadre and see what he suggests.

Thanks again for the great support on this forum!!!<br><br>Post edited by: PlayGod, at: 2008/02/06 22:34

Hi PlayGod,

Have you seen this (also in Joomla 1.0.x from 1.0.12 on). I only had a quick look but I think a little code might do what you want.

Bob<br><br>Post edited by: GreyHead, at: 2008/02/06 22:44

One problem:

When you click back on a non-SSL link after visiting a SSL page, you get warning for mixed secure/unsecure, also warning on ""thank you" page.

see:
https://www.southeasternexpeditions.com/test_form.html


Thanks for the tip on the Joomla site. I hadn't really gotten into the programming side, just asking for help on the forums.<br><br>Post edited by: PlayGod, at: 2008/02/06 22:48

Hi PlayGod,

Hmmm . . . with FireFox at least they only ask once!

Bob

Thanks for all the help, we will work more on forms as we need one that submits to a payment gateway for the next site... for now, the others are fixed "enough"😉

mosConfig_live_site does not really fix the last problem that occurs when you leave a SSL page... because mosConfig_live_site affects all relative or Joomla-generated URLs, it turns all links into https:// links, and all relative URLs into https:// links.

Hi,

This piece of code was done to get all Docman component pages into SSL and then convert to normal HTTP once the docman page is left, change it as you need but I'm SURE it should work because I tested it before:

<?php 
if ( ($option == 'com_docman' ) 
    && ( strpos("x".$mosConfig_live_site,"http://"«» )  ) 
    && ( $_SERVER["SERVER_PORT"] != "443"«» ) ) {
  $mosConfig_live_site2 = str_replace("http://", "https://", $mosConfig_live_site);
  mosRedirect($mosConfig_live_site2.'/index.php'.'?'.$_SERVER['QUERY_STRING']);
} elseif ( ( $option != 'com_docman' ) && ( $_SERVER["SERVER_PORT"] == "443"«» ) ) {
  $mosConfig_live_site2 = str_replace("https://", "http://", $mosConfig_live_site);
  mosRedirect($mosConfig_live_site2.'/index.php'.'?'.$_SERVER['QUERY_STRING']);
}
?>

Cheers,

Max

Edited to parse the code a little for clarity.<br><br>Post edited by: GreyHead, at: 2008/02/09 20:19

Max, that did the trick. Thank you so much! :silly:

Sorry but didn't do the trick for me. I have some questions.

1) On this website I'm already using Choronoform but https is not necessary. My request was for just ONE Form that requires https and leave the other forms untouched. Can this be done? I would logically guess that I have to put in a specific URL that I want it to be https, right?

2) Exactly what file name and where to put the code? Just saying put on the top didn't really help me.

Is this the right code (taken from docman above):

<?php  
if ( ($option == 'com_chronocontact' )  
    && ( strpos("x".$mosConfig_live_site,"http://" )  )  
    && ( $_SERVER["SERVER_PORT"] != "443" ) ) { 
  $mosConfig_live_site2 = str_replace("http://", "https://", $mosConfig_live_site); 
  mosRedirect($mosConfig_live_site2.'/index.php'.'?'.$_SERVER['QUERY_STRING']); 
} elseif ( ( $option != 'com_chronocontact' ) && ( $_SERVER["SERVER_PORT"] == "443" ) ) { 
  $mosConfig_live_site2 = str_replace("https://", "http://", $mosConfig_live_site); 
  mosRedirect($mosConfig_live_site2.'/index.php'.'?'.$_SERVER['QUERY_STRING']); 
} 
?>

Many thanks!

This is a message for PlayGod:

I visited your website and wanted to send you PM but no luck. You have a very lovely website and I'm assuming that all the chronoforms that are on the websites are SSL. How did you manage to solve the SSL? Thank you.

Hi deafbiz,

I think if you put the code into the front end of your form html it will only redirect when that form is displayed. Try it and see if it works OK.

Bob

No luck. I'm using the test form.

Tried this way (of course I changed to my domain):

if($option == 'com_chronocontact' ){ 
$mosConfig_live_site = 'https://www.yourdomain.com'; 
}else{ 
$mosConfig_live_site = 'http://www.yourdomain.com'; 
} 

Name: <input name="name" value="" type="text"><br />
E-mail: <input name="email" value="" type="text"><br />
input name="submit" value="Submit" type="submit"

and this way:

<?php   
if ( ($option == 'com_chronocontact' )   
    && ( strpos("x".$mosConfig_live_site,"http://" )  )   
    && ( $_SERVER["SERVER_PORT"] != "443" ) ) {  
  $mosConfig_live_site2 = str_replace("http://", "https://", $mosConfig_live_site);  
  mosRedirect($mosConfig_live_site2.'/index.php'.'?'.$_SERVER['QUERY_STRING']);  
} elseif ( ( $option != 'com_chronocontact' ) && ( $_SERVER["SERVER_PORT"] == "443" ) ) {  
  $mosConfig_live_site2 = str_replace("https://", "http://", $mosConfig_live_site);  
  mosRedirect($mosConfig_live_site2.'/index.php'.'?'.$_SERVER['QUERY_STRING']);  
}  
?>

Name: <input name="name" value="" type="text"><br />
E-mail: <input name="email" value="" type="text"><br />
input name="submit" value="Submit" type="submit"

Am I missing something?

Hi deafbiz,

Which version of Joomla are you using, this was written for Joomal 1.0. you'll need to test with legacy mode on if you're using Joomla 1.5

Bob

Joomla 1.0.15 and the latest Chronocontact component. I've installed on another website that has SSL. In this case, will only use one chronoform with https. The other website is also Jooml 1.0 15 but already is using Chronoform so need to make one new Choronoform SSL. Thank you for the speedy response!

Hi,

Please add the following lines at your template file and replace the form name, it should work, I used this before🙂

<?php
if ( ($option == 'com_chronocontact' )
    &&($_GET['chronoformname'] == 'myform' )
    && ( strpos("x".$mosConfig_live_site,"http://" ) )
    && ( $_SERVER["SERVER_PORT"] != "443" ) ) {
  $mosConfig_live_site2 = str_replace("http://", "https://",
    $mosConfig_live_site);
  mosRedirect($mosConfig_live_site2.'/index.php' .'?'.$_SERVER['QUERY_STRING']);
} elseif ( ( $option != 'com_chronocontact' ) 
    && ( $_SERVER["SERVER_PORT"] == "443" ) ) {
  $mosConfig_live_site2 = str_replace("https://", "http://",
    $mosConfig_live_site);
  mosRedirect($mosConfig_live_site2.'/index.php' .'?'.$_SERVER['QUERY_STRING']);
}
?>

Cheers

Max

Can you please specify which file? I've tried in index.php before and after the body tags but no luck.

Thank you.

Bump. I'm almost done with the form but want to get SSL working.

Bump again. I'm sorry to post this here.

Greyhawk has my details but I know he's busy elsewhere so would appreciate if someone can offer assistance here.

My client is asking for 2 forms, one for online ordering and one for donations. I got the donations form all set up but I am not able to make it work in SSL. It has to be that one form in SSL, not the entire website.

I am still using J 1.15 but if I need to switch to J1.5 I'll consider it.

I hope I'll get this working soon.

Thanks.

Hi deafbiz,

Sorry, other than the code Max has posted here I have no suggestions and I don't have an ssl site to test on.

Bob

Well, I do have a live website with SSL if you want to play with it. It's offline right now so it's safe to try it out.

I tried Max and it didn't work. Obviously I'm missing something.

Bump. I have a live SSL website with Joomla 1.5.4 installed.
I also installed the latest ver. of Chronofrom J1.5 RC3 today.
I was able to create a menu and turn on SSL.
I got the form to work in SSL (in Firefox I got the popup up message only once so I need to recreate and know how to make it not pop up in the first place. I didn't have that in ie6).
The problem? Once it's in SSL, it won't go back to non-SSL.

I've followed all the codes in this thread and none works.

So can someone please be clear on this:
1) What code and where shall I put in index.php?
2) What code and where shall I put in Form Code / Form HTML?

I have other forms in Chronoform on the same domain so I need to be able to mix SSL and non-SSL.

Many thanks. Once this is solved, it deserves to be in the tips section. And ChronoForm blows Phil-a-Form and Joomla Forms outta the water!

Update: SOLVED!!! 😀 I used this code in index.php just above </head>:

<?php
if ( ($option == 'com_chronocontact' )
&&($_GET['chronoformname'] == 'myform' )
&& ( strpos("x".$mosConfig_live_site,"http://" ) )
&& ( $_SERVER["SERVER_PORT"] != "443" ) ) {
$mosConfig_live_site2 = str_replace("http://", "https://",
$mosConfig_live_site);
mosRedirect($mosConfig_live_site2.'/index.php' .'?'.$_SERVER['QUERY_STRING']);
} elseif ( ( $option != 'com_chronocontact' )
&& ( $_SERVER["SERVER_PORT"] == "443" ) ) {
$mosConfig_live_site2 = str_replace("https://", "http://",
$mosConfig_live_site);
mosRedirect($mosConfig_live_site2.'/index.php' .'?'.$_SERVER['QUERY_STRING']);
}
?>

And turn on the Legacy Plugin!

Furthermore, I added another non-SSL form and it works! So now I have a choice of SSL and non-SSL forms on same domain!

Can someone with J 1.5 try to duplicate this and if it works, then it goes to the Tip Section?

One small pet peeve but then again, I'm just practicing on a spanky new J 1.5 website without SEO on, but when I want to go from SSL to non-SSL, the url shows http://domain.com/index.php? whereas in non-SSL format, I don't get the "index.php?" in the URL. What do I need to do to make "index.php?" go away?

Hi deafbiz,

how are you doing, sorry but only now I remember your email, had lots of issues the past 3 months...

glad all is working now, for the URL index.php issue, this will not be solved because we use a redirect to non SEF version, how to redirect to SEF verion, I can't answer this now, but we will have an answer soon when I look at the J1.5 code about this!

we will add this to the FAQs but also when I update the code you used to be J1.5 native and so the legacy don't have to be enabled!🙂

Best regards,

Max

I'm trying to set this up and have tried both code examples, but to no avail. I'm happy I haven't crashed my site if that's any consolation. 🙄

When you say to put this php code in the index.php file, do you mean the index file under the template folder?
for example: publiic_html/templates/templatename/index.php?

I have tried both Bob's and deafbiz's (which I realize was J1.5) but when I go to the form url
http://www.mysite.com/index.php?option=com_chronocontact&chronoformname=Directory

it does not switch me to https://

I am in Joomla! 1.0.15.

Any assistance would be appreciated. Thanks!

PS I'm ok with all forms being SSL

Cheryl

Thanks for the great tip tachometry_nik!

Best regards,

Max

I have used this code and it does the re-direct but the images and the CSS are using HTTP links instead of HTTPS

Any ideas on how to fix this? I have all the SEF options turned on and I am use a base url in the configuration.php file.

images and css where ? in the form code or template ?

In firefox the site loads but where the SSL icon would be there is a warning and if you click it it tells you there is mixed content.

In internet explorer I get the warning about mixed content and if I tell it not to display there is no CSS or images. I am using a template for the site.

I have also been trying to use sh404SEF to try to get this to work and I cant seem to get this thing to work no matter what I do.

I am willing to paypal $50 to anyone who can make this work for me. I have about 2 solid days in this. PM me if someone is interested.

Hi ccondo,

some modules or extensions are just using the non secure path to the files, or maybe your template, I need to know if this SSL issues happen only on the form page itself or at other pages with SSL too ?

Cheers
Max

Currently I am trying to make this work by using menu items and using the chrono form type and the name of the form. Then I tell the menu item to use SSL.

I will also need to be able to use urls to the form so I can use URLs on buy now images, etc.

Ok, can you disable SSL at the menu item of this form and follow this post:
http://www.chronoengine.com/forums/index.php?option=com_chronoforums&cont=posts&f=5&t=3559&st=0&sk=t&sd=a&start=30#p10764

Here is what I have done

I disabled SSL on the menu item and I used the code with the proper form name in my index.php file like the other post suggests. I then disabled URL rewriting in the sh404SEF system for the chrono form component and cleared the cache. I then try to go to the form and I now get:

There is no form with this name or may be the form is unpublished, Please check the form and the url and the form management

The url format when I hover over the item is:
http://www.domain.com/index.php?option=com_chronocontact&Itemid=216

Any help as always is appreciated

$50 via Paypal to anyone who can make this work for me.

PM me.

$200 via paypal whoever can make this work for me

Hi ccondo,

Please send me a PM with the website login details as an admin and any more details you have! please tell me about your deadline for this as I have alittle unpredicted schedule in the next 24 hours!

Regards,
Max