Search

OUR API

API Developer Guides API Reference Sample Code [on GitHub]
SDKs [on GitHub] API Change Log System Change Log
Upgrade Guide

Hello World

Get Started Common Setup Questions How Payments Work
Testing Guide Go-Live Checklist

Support

Get Support News and Announcements Forums
Authorize.Net on GitHub Authorize.Net on Stack Overflow Developer Blog
Response (Error) Codes FAQs Knowledge Base

Sign In

Sandbox Affiliate

Search Developer Site

Integration and Testing

Authorize.Net API questions and help with your payment integration.

Reply
Highlighted
Member
screename76
Posts: 1
Registered: ‎08-24-2011

establishing https (secure) address

‎08-24-2011 02:04 PM

I am using AIM and PHP to submit transcation via a script on my server. I downloaded the sample code for php and modified it to work. currently my user are directed to an address like http://mywebsite.com/join/ where they see a form which is submited to the script passing the transaction details to authorize.net. I will like my users to see that same page at the address https://mywebsite.com/join/  I am running an apache server with https enabled already to my knowlage. anybody knows what are the steps require in order to establish the secure address?

 

Thanks in advance!

Alon

 

Message 1 of 2 (36,612 Views)
0 Kudos
Highlighted
TJPride
Posts: 1,609
Topics: 15
Kudos: 200
Solutions: 121
Registered: ‎06-23-2011

Re: establishing https (secure) address

‎08-25-2011 01:07 AM

You have to install a secure certificate through whatever control panel you have on your hosting. Generally, this means:

 

1) Generate a CSR (Certificate Signing Request) on the hosting

2) Purchase an SSL certificate from a major issuer (I get mine from Godaddy at the moment) and set it up using the same information as what you entered for the CSR

3) Install the certificate (you can get instructions on that here: http://community.godaddy.com/help/5346/ssl-installation-instructions)

 

Depending on your hosting, you may then have either a separate folder for your secure pages (https_docs or whatever) or it may reference the same folder as http and every page on your site will be accessable through both https and http.

 

IMPORTANT - You should have a line of code at the top of all your ordering pages to make sure you're secure, and if not, forward to the https version of the page url. Something like this (typed from memory, so unchecked for syntax or typing errors):

 

if (!$_SERVER['HTTPS']) {
    header("Location: https://www.{$GLOBALS['_domain']}{$_SERVER['REQUEST_URI']}");
    exit;
}

 Where $GLOBALS['_domain'] is a global variable with your primary domain.

Message 2 of 2 (36,602 Views)
0 Kudos