Author Topic: SSL and embedding  (Read 1849 times)

Offline snitched

  • Newbie
  • *
  • Posts: 6
  • Karma: +2/-0
    • View Profile
SSL and embedding
« on: September 23, 2015, 07:01:14 PM »
I am trying to embed a shop into an existing site,
I set up SSL for the shop itself, but there is no SSL on the existing site, when I go to checkout using the embedded shop, it does not appear to be using SSL (or recognizing it?) as for example, Chrome autofill settings for creditcard information do not work, and give a warning saying this form is not using a secure connection imgur com hZoSPua

If I go to the actual abantecart store webpage, and do the same steps I do not get that warning and the autofill and SSL works fine in that example

What is the proper way to proceed to not have that issue on my main site? Do I have to get a separate SSL certificate for my main site or is there a better way to do it?

Offline eCommerce Core

  • Administrator
  • Hero Member
  • *****
  • Posts: 1600
  • Karma: +93/-1
    • View Profile
Re: SSL and embedding
« Reply #1 on: September 24, 2015, 07:30:12 AM »
Openning embed modal should have SSL in it, if your embed code has SSL.

Can you please share URL to site with embedded code?

“If you’re in the luckiest one per cent of humanity, you owe it to the rest of humanity to think about the other 99 per cent.”
― Warren Buffett

Offline snitched

  • Newbie
  • *
  • Posts: 6
  • Karma: +2/-0
    • View Profile
Re: SSL and embedding
« Reply #2 on: September 24, 2015, 11:40:29 AM »
Thats what I thought should happen, and all of the links are shown up as https for the embedded stuff, and I'm just wondering if its just an issue with the google autofill not recognizing it being SSL or it not actually being SSL, granted I want to resolve it if it's only a google autofill issue also

The link is elangranolatestsite . com/store

Offline eCommerce Core

  • Administrator
  • Hero Member
  • *****
  • Posts: 1600
  • Karma: +93/-1
    • View Profile
Re: SSL and embedding
« Reply #3 on: September 24, 2015, 08:28:15 PM »
Thats what I thought should happen, and all of the links are shown up as https for the embedded stuff, and I'm just wondering if its just an issue with the google autofill not recognizing it being SSL or it not actually being SSL, granted I want to resolve it if it's only a google autofill issue also

The link is elangranolatestsite . com/store
Thank you.

Your site looks really nice.

I checked your embed and it works as it should.
Let me explain.
All product pages (by default) are not loaded with HTTPS. These are non-secure pages. Once you go to login, checkout or any other account related section, your site switches to HTTPS.
This is correct behavior.
If you want to have HTTPS all the time, you can set main URL in settings starting with HTTPS.

Possibly, we needed additional setting for embed HTTP mode.

Hope this helps.


“If you’re in the luckiest one per cent of humanity, you owe it to the rest of humanity to think about the other 99 per cent.”
― Warren Buffett

Offline snitched

  • Newbie
  • *
  • Posts: 6
  • Karma: +2/-0
    • View Profile
Re: SSL and embedding
« Reply #4 on: September 25, 2015, 01:11:27 PM »
So is there no way to get rid of that warning with embedding at the moment?

I tried putting the default shop with https, I tried embedding that same iframe with https into another website that also has SSL in it and I still get that warning.

I believe that it's using SSL properly, however my issue is for the end user it can appear that there is no secure connection which is worrisome to me in this scenario

It's just confusing to me why this is happening, if it's an issue with embedding or if its some special case with google chrome thats causing it (if this is the case I'd still want to figure out how to fix it)

Edit:
Apparently embedding on a site with SSL working properly actually fixes the issue, I just had incorrect SSL on my main site (it was broken because favicon wasn't there and fetched some unknown icon from a non https location). After fixing that the embedded cart works fine and does not show the above issue
« Last Edit: September 25, 2015, 04:26:24 PM by snitched »

Offline eCommerce Core

  • Administrator
  • Hero Member
  • *****
  • Posts: 1600
  • Karma: +93/-1
    • View Profile
Re: SSL and embedding
« Reply #5 on: September 25, 2015, 10:06:32 PM »
In order to get rid of the waring, all included items on your page need to be included with SSL based URL.

Keep HTTPS enabled for main abantecart configuration and embed should work fine with no warning on non-secure item caused by embed.
“If you’re in the luckiest one per cent of humanity, you owe it to the rest of humanity to think about the other 99 per cent.”
― Warren Buffett

 

Powered by SMFPacks Social Login Mod