Multi-shops Single SSL/IP - Introduction
|
| DotNetNuke is a great product! It allows to manage many web sites using the same programmes and the same database. Now what if, each web site becames an online shop that needs a SSL to encrypt credit card details and stuff? Well, because in the way internet works you need an IP address for each web site. (You might use the same IP with different ports, but this have some issues such as: firewall and specifying the port number on the url). |
| SDN Store has a marvellous feature to allow all the shops to use the same SSL. Basically you need to create a extra web site dedicated for payments only (we call it Payment Site) and all the shops redirects the clients to this web site when they insert their credit cards' details. The Payment Site processed the order and returns the control to the shop. The SSL is installed on the Payment Site and normally is an empty web site, the caller shop redirect to the appropriate page such: Authorize.net or Verisign page which are the same for all the shops. |
|
PLEASE NOTE: Custom Payments are not supported by this architecture, therefore you still need to use it in the traditional way where you have a SSL/IP for each domain and the https is the same as the http side. So for example if the domain is: http://www.myshop.com the https side must be https://www.myshop.com and the SSL is installed in the root of the web directory of dotnetnuke. |
Setting up the Architecture |
First of all you have to:
create the Payment Site portal;
add the SDN Store on it, clear the cache and delete all SDN Modules (we only need the Payment Pages);
create the web site that points to the dotnetnuke web folder;
install the SSL on this web site. |
 |
| After, for each shop that is going to use the Payment Site portal, you need to setup the Payment Site to use. This is on the Payment Types Page. |
 |
| Setup the Home URL and HTTPS Redirection in Site Settings |
 |
|
CC processed in the shop |
In this case you need to see the credit cards' details by clicking on the Credit Card link in the Orders Management page.
Since they have to be sent using a secure channel, they are shown in the Payment Site which has the SSL.
Because the page that shows them is only visible by Administrators, you need first to logon as an administrator in the Payment Site and then on your web site click on the Credit Card link in the Orders Management page. |
|
Sending Orders |
If the transaction type is 2 and the payments type supports that (like for example: Authorize.net AIM and Verisign Payflow Pro), the credit card is actually charged when they click on the 'Send Order' link in the Orders Management.
Since it sends the password to connect to the payment gateway, this has to be sent through a secure channel, therefore it sends them from the Payment Site which has the SSL installed.
The page that sends this information is visible only by Administrators so to do this you need first to logon as an administrator in the Payment Site and then on your web site click on the 'Send Order' link in the Orders Management page.
After you clicked on the 'Send Order' link you see the following message: |
 |
|
Although you don't see it, you got redirected to the secure channel to send your credentials to the Payment Gateway and after that you got redirected back to the orginal page and that's why it tells 'You are about to be redirected to a connection that is not secure' |