Express offer for the development of a fast online store for 7999 UAH details...

What if when switching to https, 1C:Enterprise ceases to connect to the online store {SEO-Shop}, OpenCart 2.x, 3.x, ocStore

Working on the module “data Sharing” we found several solutions to this problem.

1. To stay on http

You need to leave http specifically for link exchange, and the whole site to https. But if you just take and use the http link in the setup of exchange, then nothing will happen, because it will be executed 301 redirect to a link with https.

Therefore, you need to add an exception for a link to share the service via http.

1.1. You can choose to add an exception for link exchange

On the nginx side, do the following:

server {

   listen *: 80;

   server_name www. {domain} {domain};

   location /export/neoseo_exchange1c.php {

      client_max_body_size 132m;

      // here we directly transfer control for Apache

      proxy_pass http://127.0.0.1:88/export/neoseo_exchange1c.php;

      include / etc / nginx / proxy_params;

   }

   location / {

      return 301 https: // $ host $ request_uri;

   }

}

The option for .htaccess is as follows:

Rewriteengine on

RewriteBase /

RewriteCond% {HTTP: SSL}! = 1 [NC]

RewriteCond% {REQUEST_URI}! ^ Export / neoseo_exchange1c.php

RewriteRule ^ ([^?] *) Https://demo.neoseo.com.ua/$1 [R = 301, L]

In order for the rules written in .htaccess to work, you must disable redirection from http to https on the hosting.

1.2. You can ask the host to help configure exceptions

If you do not understand .htaccess or nginx configurations, ask the host to read this link and configure your hosting so that the exchange link is not redirected to https.

2. Make friends with https

2.1. Modify 1C: Enterprise

If you have the opportunity to look into the 1C: Enterprise configurator, then you can find the following lines there:

Connection = Undefined;

 Attempt

  Connection = New HTTP Connection (

   Connection Options.Server,

   Connection Options.Port,

   Connection Parameters. User,

   Connection Settings: Password,

   Connection Parameters. Proxy,

   Connection Settings: Secure Connection

  );

 An exception

  Add Description Errors (Description Errors,

   Description of Exceptional Errors (

    String FunctionsCustomerServer.SubstituteParametersInString (

     Nstr ("ru = 'Failed to establish connection with server% 1:% 2. Verify that the server address, port, username and password are correct.'"),

     Connection Options.Server,

     Connection Parameters. Port)));

  Connection = Undefined;

 End of the attempt;

and replace with these

Connection = Undefined;

 ssl = New Secure Connection OpenSSL (New Client Certificate Windows (), New Certificate Authority Centers Windows ()); // as_not typical for https

 Attempt

  Connection = New HTTP Connection (

   Connection Options.Server,

   Connection Options.Port,

   Connection Parameters. User,

   Connection Settings: Password,

   Connection Parameters. Proxy,

   ,

   ? (Connection Options. Protected Connection, ssl, Undefined)

  );

 An exception

  Add Description Errors (Description Errors,

   Description of Exceptional Errors (

    String FunctionsCustomerServer.SubstituteParametersInString (

     Nstr ("ru = 'Failed to establish connection with server% 1:% 2. Verify that the server address, port, username and password are correct.'"),

     Connection Options.Server,

     Connection Parameters. Port)));

  Connection = Undefined;

After that, the link with https should work.

2.2. Attach a certificate in 1C: Enterprise

You can also try to put a certificate in 1C: Enterprise itself. This is done as follows:

First you need to add the certificate to the certificate store in 1C: Enterprise in the bin folder of the cacert.pem file.

1. Download the appropriate distribution

2. After installation, you need to specify a variable, open the command line under the administrator and enter the command

set OPENSSL_CONF = D: \ OpenSSL-Win32 \ bin \ openssl.cfg

After that, the program starts to work.

3. In the browser, open the URL where you can see the certificate, open the certificate chain.

In our case, Firefox was used, so the actions for it will be described later.

We open the certificate - Read more.

4. We save each certificate from the chain 2 times in different formats

Better to use short, clear paths.

1st format

4.1 Export, select the file type X.509 Certificate in PEM format (* .crt: *. Pem)

repeat for all chain certificates

2nd format

4.1 Export, select the file type X.509 Certificate in DER format (* .der)

repeat for all chain certificates

Next, open the command line

enter the command, go to the folder with Open ssl

cd c: \ OpenSSL-Win64 \ bin

Next, we create a signature

c: \ OpenSSL-Win64 \ bin> openssl x509 -inform der -in D: \ p.der -out D: \ textcert.pem -text -fingerprint -md5

The generated signature and certificate are displayed on the screen.

Through the mark, select the result, copy and add to the end of the file

C: \ Program Files (x86) \ 1cv8 \ 8.3.5.1460 \ bin \ cacert.pem

Formatted result formatted

Making a headline

The name for the title is better taken from the certificate to be added.

View Certificate - Select Certificate - Subject CN = Symantec Class 3 EV SSL CA - G3 at the bottom

take the header from it

Symantec Class 3 EV SSL CA - G3

transfer MD to the title

It turns out:

Symantec Class 3 EV SSL CA - G3

MD5 Fingerprint = DF: 51: CE: 65: BC: 43: F9: 1B: 3E: 1E: CF: 48: AB: 23: 36: 25

leave the rest below

Next, use the notepad to open the saved certificate in * .crt format, copy its contents

Insert cacert.pem at the end of the file

Related products