|
SSL (Secure Sockets Layer protocol) is a standard for transmitting
confidential data such as credit card numbers over the Internet.
Most true business sites support this feature which allows
more security in data transmitted over the WWW. This is the
standard minimum security level for true business on the Internet.
SSL works by using a private key to encrypt data that is transferred
over the SSL connection. To read more about what is SSL and
how it works, go to http://www.modssl.org/docs/2.8/index.htmlshillpages doctor who
You can secure transfer of the confidential data on your
site through:shillpages doctor who
shillpages doctor who
Using the Key and Certificate You Already
Haveshillpages doctor who
SSL requires a dedicated IP, because name-based hosting does
not support data encryption in HTTP requests. To enable SSL,
do the following:shillpages doctor who
- Select Domain info in the Domain Settings menu.
- Click the Edit icon in the Web Service field.
- Enable SSL for the domain in the list.
- Agree to charges, if any.
- Enter the SSL Server Private Key and SSL Certificate in
the boxes that appear:
 shillpages doctor who
- In the Site Name field, choose whether you want to secure with or without the www prefix.
Only one option will work correctly. For instance, if you choose to secure
http://www.domain.com, your visitors will get security warnings when
they go to http://domain.com.
- Click Submit. Now your site is secured.
shillpages doctor who
Creating a Temporary Certificateshillpages doctor who
The only difference between temporary and permanent certificates
is that temporary certificates are generated by your control
panel, not trusted Certificate Authorities. Thus, when visitors
enter your site, they will get the "unknown certification
authority" warning window.shillpages doctor who
To generate a new temporary SSL private key and certificate,
do the following:shillpages doctor who
- Select Domain info in the Domain Settings menu.
- Click the Edit icon in the Web Service field.
- Enable SSL for the domain in the list.
- Agree to charges, if any.
- Click the link at the top of the form that appears.
- On the page that appears, confirm your details by clicking
the Submit button:
 shillpages doctor who
These data will be used to generate the certificate. Don't
make changes to the data if you are not sure about the purpose
of these changes.
- Follow instructions that appear at the top of the next
page.
 shillpages doctor who
- SSL Certificate Signing request. It includes the details
that you submitted on the previous step. Use this request
if you want to get a permanent SSL certificate from
a trusted Certificate Authority, such as Thawte
and VeriSign
(see below).
- SSL Server Private Key. This is the secret key to
decrypt messages from your visitors. It must be stored
in a secure place where it is inaccessible to others.
Don't lose this key, you will need it if you get a permanent
certificate.
- Temporary SSL Certificate. It validates your identity
and confirms the public key to assure the visitors that
they are communicating with your server, not any other
party.
shillpages doctor who
Acquiring a Permanent Certificateshillpages doctor who
To get a permanent certificate, do the following:shillpages doctor who
- Generate a temporary SSL certificate (see above).
- Copy the signing request and private key for later use.
- Go to Thawte,
VeriSign,
or any other Certificate Authority and choose to get a new
certificate. When requested, enter the signing request that
you have saved.
- After the permanent SSL Certificate has been generated,
save it to a secure location.
- Select Domain info in the Domain Settings menu.
- Go to the Web Service page and click the Edit
icon in the SSL field.
- Enter the certificate into the upper box of the form that
opens and click Upload:
 shillpages doctor who
Note: For Equifax, also enter the certificate authority file;
for COMODO.NET, also enter the rootchain certificate (Certificate Chain File).
- Now you can use the sertificate jointly with the private
key you have saved.
shillpages doctor who
Using Your Provider's SSL Certificate (Shared SSL)shillpages doctor who
If your provider offers a Shared SSL certificate, you can
use it instead of purchasing a certificate of your own. Unlike
a regular SSL certificate, it costs less, doesn't require
a dedicated IP, and belongs to an equally trusted Certificate
Authority. The disadvantage of shared SSL is that it can be
used only with third level domains. shillpages doctor who
To secure your site with Shared SSL, do the following:shillpages doctor who
- Select Domain info in the Domain Settings menu.
- Click the Edit icon in the Web Service field.
- Enable Shared SSL for the domain in the list.
- Agree to charges, if any.
- If you are using a second level domain (example.com),
you will be asked to create a third level domain alias (e.g.
domainalias.example.com):
 shillpages doctor who
Now the site is available both at the non-secured second
level domain name (e.g. http://example.com) and at
the secured third level domain alias (e.g. https://example.victor.psoft).
Note that Shared SSL certificates work only within one domain
level, i.e. for user1.example.com and not for
www.user1.example.com. In the example above, the certificate
will not work for www.example.victor.psoft,
and your visitors will get the warning: "The name on
the security certificate does not match the name of the site".shillpages doctor who
NOTE: When designing your pages set any internal links
to images or frames as <a href='https://user.domain.com/images/example.jpg'>
or simply <a href='/images/example.jpg'>. If
you use the <a href='http://...> link, your visitors
will get the message: "The page contains both secure
and non-secure items". This isn't much of a problem in
terms of security, since visitors may simply choose the "do
not display nonsecure items" option, but no graphics
will be displayed.shillpages doctor who
shillpages doctor who
|
Internet Explorer
6
