Surprisingly the HR support FAQ provides no information as to how you hook into the secure site.

I have been provided a url, like: https://securehostnn.hrwebservices.net/~mysite/

Well and good... but how do you hook your php pages into this?

I believe I dont have to do much except prefix links with https://

That and ensure a page is loaded over https:// by checking $_SERVER['HTTPS'] equals 'on'.

Anything else?

I would experiment if only I could upload stuff over ftp :/

When I got my shared ssl, it sourced from the pages already in my directory ... for instance:

http://www.dsfkljfkl.com/file.php
--- is the SAME file as ---
https://securehostnn.hrwebservices.net/~dsfkljf/

httpS://www.dsfkljfkl.com/file.php isn't possible unless you get your own cert.

Yeah I got there in the end. HR provided the information for me via a TT.

As you say, you need to prefix your files with https://securehostnn.hrwebservices.net/~dsfkljf/ where dsfkljf appears to be your account's username.

One disadvantage of using the shared cert is that session variables need a little effort to preserve them over the http to https switch since you are changing domains.

No doubt there is a better explanation...

Basically if your site www.mysite.com has a file, say, www.mysite.com/index.php which creates a session with variables, those variables will not be available in https://securehostnn.hrwebservices.net/~mysite/secureform.php (where secureform.php is moved to after index.php).

It is quite obvious really but since it is the 'same' site, it is easy to overlook.

Use the MySQL database to store the data temporaily. Use their IP and a timestamp perhaps or have them log in. I'd say use their session ID, but that's change as well on the server switch.

Oh! Just pass it via the URL. Ugly, but it works...

I considered those options but in the end I just called the file via SSL a little earlier. A bit more overhead but no need for extra coding.

And no ugly url's :)

Hi,

I have been having this same problem. I am a photographer (http://www.lhstudio.com/) and am trying to set up a store front to sell some of my work. I have my site on a secure server and am sharing a certificate, but when I log into https://securehost22.hrwebservices.net/~lhstudi//LHShop/ it shows secure but does not display any images. This is a big problem when the images are what you are trying to sell. It works fine when you use just http: at the front end.

I did understand a good bit of what you said about this, but not enough to really do anything about it. Afterall, I am a photographer and not a web programmer, but I do have a fair understanding of HTML and how it all works together.

Is this something I can fix and if so, how? Any help would be greatly appreciated.

Thanks,

In case anyone is interested, HostRocket can issue and install an SSL certificate just for your domain, so you could have a URL such as https://www.yourdomain.com or https://secure.yourdomain.com.

We've partnered with Geotrust and we can directly issue a QuickSSL Premium certificate for your site at the rate of $119 per year.

If you were to purchase the same certificate directly from Geotrust, you would pay $229 for the first year and then $179 for each year after that.

Due to the volume, we're able to purchase the certificates in bulk at an incredible rate and we pass the savings along to you, the customers.

http://geotrust.com/web_security/quicksslpremium.htm

Geotrust is the 2nd largest digital certificate provider and offers what we feel is one of the best overall solutions.

If anyone does want a certificate issued, just send in a trouble ticket stating that you'd like to purchase one and we'll take it from there.