www.webdeveloper.com

Thread: How do I activate SSL?

  1. #1
    Join Date
    Aug 2004
    Posts
    249

    How do I activate SSL?

    I have a site and my host is supposed to give me (or have already given me) the ability to use SSL.
    When I look at cPanel I see a section called SSL Manager and within it:

    Private Keys (KEY)
    Certificate Signing Requests (CSR)
    Certificates (CRT)

    I haven't figured out yet how to activate my https: address.

    Now my question is: how can I see that security icon at the bottom of a sample page?

    Sorry about the question, I have been thinking for about 30 minutes on how to ask a clear question and this is all I came up with.

  2. #2
    Join Date
    Aug 2004
    Location
    Kansas City, MO.
    Posts
    209
    If you're using a shared SSL from your host, then they would have to give you the proper information.
    I would suggest submitting a support ticket or sending them an email.

  3. #3
    Join Date
    Aug 2004
    Posts
    249
    I will contact them.
    Thank you, rsd.

  4. #4
    Join Date
    Nov 2002
    Location
    Auburn, AL
    Posts
    9,222
    If you are using the SSL for e-commerce you might want to purchase your own cert too. For a secure login system or something, usually you can rely on a host's cert, but I would rather purchase my own if I am putting some credit card numbers on the line by transmitting them over the internet.

  5. #5
    Join Date
    Mar 2004
    Posts
    3,056
    Also make sure your SSL installation is always as up-to-date as possible.

  6. #6
    Join Date
    Aug 2004
    Posts
    249
    I contacted my host and they said that I have to buy a cert and a dedicated IP address.

    At the moment I need SSL just for learning about it. When I bought the hosting I didn't know much about SSL but I thought it was included because of this feature listed:
    - Access to Secure Server 128 Bit SSL

    I wonder then what is the meaning of the above.

  7. #7
    Join Date
    Mar 2004
    Posts
    3,056
    That could mean any number of things. A good tip for buying hosting (and just about anything come to think of it) is to always read for the meaning of what they say they offer. A great deal of the time, things that come as standard on ANY server are listed as features (but in more technical terminology) to make it appear you are getting much more than you are paying for. "Access to Secure Server 128 Bit SSL" could quite literally mean they have made an arrangement with me to allow you to view a page on my server that says "Welcome to my page that has been pointlessly delivered to you over a 128 bit encrypted connection" and is delivered over a 128 bit encrypted connection. As you can imagine, this is completely pointless. Luckily for you though, so is learning anything about encryption unless you're planning on running a server yourself.

    If you're only building sites and pages etc, then just make sure your host does actually provide you with what you need and they will sort you out. Just design whatever you want and when you're ready to use it, tell your providers where you want SSL enabled on your site. Unless you're going to be manually managing a server and the server software, there really is no point in learning about SSL.

  8. #8
    Join Date
    Nov 2002
    Location
    Auburn, AL
    Posts
    9,222
    128 bit SSL is about the strongest in use. I am not sure if anything higher is actually used (I do not see why you couldn't use a 256 bit or something) but if it went stronger the handshake would be very laggy. 128 is strong enough for anything practical. Do you plan on storing credit card numbers in the future? SSL does not translate into more code, it really just means that the connection between the client and the server is on an alternate port and is encrypted; https protocol requests would be encrypted and go over port 443 (not necessarily, but that is the common port). What you should really look into for e-commerce is one-way encryption of database entries. Even if no outside hacker can easily get into your server, that does not mean other people can't still browse your files (system admin).
    Last edited by PeOfEo; 12-29-2004 at 02:42 AM.

  9. #9
    Join Date
    Mar 2004
    Posts
    3,056
    Anything much above 128 bit encryption and it's highly likely you'll be having to look into some legal issues and hurdles.

    Fer yer hashing to store data in something like a database, you can use MD5 (128 bit) or SHA-1 (160 bit and legally fine the world over as far as I know). If you're using PHP then the easiest way of hashing data is simply
    PHP Code:
    md5($datatohash); 
    and so on. You can also access a great many other hashing algorithms such as tiger, blowfish, des, triple des and so on. Personally though I just stick with SHA-1.

  10. #10
    Join Date
    Nov 2002
    Location
    Dartmoor [Holiday]
    Posts
    2,382
    I suspect that "access to Secure Server 128 Bit SSL" means they will let you use SSL, iff you get your own certificate. For learning about SSL, you could get a free certificate from CAcert.org.

    Regarding encryption strengths, the higher the better but 128 bit is usually considered sufficient for most applications at the moment, and IIRC that is the highest strength that Internet Explorer supports. However, some browsers are better - the excellent Firefox supports at least 256 bit.

    To clarify Mr. Herer's comment: algorithms such as MD5 or SHA-1 are used for hashing data such as passwords to store it for comparison (it cannot be retrieved easily). For securing a connection (necessary if important data such as credit card details are being transmitted) you need to use SSL.

    Adam

  11. #11
    Join Date
    Nov 2002
    Location
    Auburn, AL
    Posts
    9,222
    So ideally you will still have the SSL/TLS (transport layer security, the encryption between the servers, for example http and db server if they are separate machines) and you will hash one of the db fields (salting it with a username field or something would be a good thing to do).
    Last edited by PeOfEo; 12-29-2004 at 05:22 AM.
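
The hashed-and-salted storage discussed in posts #9 to #11, as an added example that is not part of the original thread: it stores the same password for two accounts with the bare `md5()` call, with a username-salted SHA-1, and with PHP's built-in `password_hash()` / `password_verify()` (a technique the thread does not mention), then compares the stored values. The function names and the sample accounts are constructed for illustration.

```php
<?php
// Added example: hypothetical helper names, constructed sample data.

// Approach from post #9: a bare, unsalted MD5 digest of the secret.
function unsalted_md5(string $password): string
{
    return md5($password);
}

// Salting with the username, as suggested in post #11: equal passwords
// give different digests per user, but the salt is predictable and
// SHA-1 is fast to compute, which helps offline guessing.
function username_salted_sha1(string $username, string $password): string
{
    return sha1($username . ':' . $password);
}

// PHP's built-in password API: random per-record salt, deliberately slow
// algorithm; salt and cost are stored inside the returned string.
function store_password(string $password): string
{
    return password_hash($password, PASSWORD_DEFAULT);
}

function check_password(string $password, string $stored): bool
{
    return password_verify($password, $stored);
}

// Constructed sample accounts: two users who picked the same password.
$users = ['alice' => 'correct horse', 'bob' => 'correct horse'];

$md5 = $sha1 = $modern = [];
foreach ($users as $name => $pw) {
    $md5[$name]    = unsalted_md5($pw);
    $sha1[$name]   = username_salted_sha1($name, $pw);
    $modern[$name] = store_password($pw);
}

// Do the two stored records match? A match in a leaked table reveals
// that both users share a password.
var_dump(hash_equals($md5['alice'], $md5['bob']));
var_dump(hash_equals($sha1['alice'], $sha1['bob']));
var_dump(hash_equals($modern['alice'], $modern['bob']));

// Login check against the stored record: right and wrong password.
var_dump(check_password('correct horse', $modern['bob']));
var_dump(check_password('wrong guess', $modern['bob']));
```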

  12. #12
    Join Date
    Aug 2004
    Posts
    249
    Thanks a lot for your help.
    I am going to try CAcert.org

    Do I still have to buy a dedicated IP or there is an alternative for this as well?

  13. #13
    Join Date
    Nov 2002
    Location
    Dartmoor [Holiday]
    Posts
    2,382
    To be honest, I'm uncertain as to why your host are asking you to pay for a dedicated IP address at all. Which hosting company do you use? A dedicated IP is not strictly essential to run SSL on your server.

    It's possible a dynamic DNS service may help, but this is really designed for providing static domains for dynamic IP users rather than website hosts without dedicated IPs.

    Adam

  14. #14
    Join Date
    Nov 2002
    Location
    Auburn, AL
    Posts
    9,222
    www.no-ip.com is my dynamic dns choice
