The shopping cart software fully supports SSL certificates, and we highly recommend that all sites purchase one. Even if CC information is not being stored, it is a very good idea to secure your site. Many customers will not go through a checkout process they do not feel is secure, and some of the payment gateways actually require that SSL be used (check with your gateway on this).
AspDotNetStorefront staff cannot assist with the installation of the certificate on your site unless you host with us. Questions of that nature should be directed to your host, or the certificate authority from which you purchased certificate. Before trying to enable SSL in the cart, ensure that the certificate is properly installed by going to https://www.yoursite.com. If the page loads without any warnings (on https), the cert is functioning.
There are several things to remember when purchasing an SSL certificate:
- AspDotNetStorefront does not support shared certificates.
- Some of the 3rd-party services our software interacts with have lists of acceptable certificate authorities. Purchasing an SSL certificate from a company that does not appear on that list will lead to issues. Be sure you purchase a certificate from a large, reputable company to avoid this type of issue. Contact AspDotNetStorefront if you need to purchase an SSL certficate and we'll help you out.
In order to use SSL on multiple site domains (MultiStore), a certificate that supports multiple domains is required, or multiple single site certificates. You will also need to create a new LiveServer setting for each store and set it to the appropriate domain.
Once the SSL certificate is installed on the site and working, follow these steps to make the shopping cart use it:
Set the UseSSL Setting to true. (In versions 10.0.25+ there is a single new setting: HTTPSEnabled )
Set the LiveServer Settingto 'yourdomain.com' (no www).
If customers must access your site at www.yourdomain.com instead of just yourdomain.com for the SSL to work:
open the Web\web.config file with a text editor, find this line:
NOTE: Depending on your cart version, this may be found or added to the /Config/RewriteRules.config file. Check with the Vortx Help Desk if needed.
If you want the cart to go non-secure again on pages that don't need to be secured (product pages, home page, etc), set the GoNonSecureAgain setting to True. (In versions 10.0.25+ there is a single new setting: HTTPSEnabled )
If you want the site to always use HTTPS, then set the Configuration - Settings - AlwaysUseHTTPS to TRUE (In versions 10.0.25+ there is a single new setting: HTTPSEnabled )