Page 1 of 1

PHP includes and session variables with shared SSL on host

Posted: Wed Nov 08, 2006 7:50 am
by amir
I have seen various references to the following problem on the web but am still not understanding the solution. I am new to the ssl and server portion of php.

My site is hosted on an IIS server (http://www.crystaltech.com) that provides shared SSL. I have added a section to my site that requires using the shared SSL. I understand that I need to use the https address that my host provides. Here are the problems.

I loose my session variables when I move from https files to my regular http files which I understand happens because using the shared SSL actually takes me to crystaltech.com and new session variables are defined. I have read some workarounds appending the session variables to the url. How secure is this and is this the only solution.

More importantly, my PHP include files are getting really screwed up. I can make them work with the https files but then NOT with the http files. I have tried both site and document relative links. HELP. If the solution is to get my own SSL certificate, that is ok. I have read that it should only cost about $20 for a year but my host pricing lists $89 for a year and a setup fee. Sound right?