Re: SSL questions

From: M.E. Post (meint.post)
Date: 01/01/05


Date: Sat, 1 Jan 2005 10:29:13 +0100


"Andrew Bullock" <trullockNO@SPAMyahoo.com> wrote in message
news:g4IAd.750$AU1.219@newsfe5-win.ntli.net...
> Hi,
>
> I'm pretty good with html and php, been doing it for years however I have
> only just begun trying to use SSL and secure browsing.
>
> I've just written a shopping cart system and come to the payment part and
> realised I know nothing!
>
> All I've managed to deduce is that I need some kind of certificate and
> https hosting.
>
> Could someone give me a brief (or preferably in depth) overview of the
> process required for me to implement a credit card payment system.
>
> I don't need exact details, just something along the lines of an
> explanation as to how ssl works.
>
> Thanks
>
> Andrew Bullock

Hi Andrew,

The SSL stuff isn't too difficult once you know the basics :-) I'm assuming
you use Apache as a web server. First off you need to ascertain whether your
hosting service (or maybe you are hosting yourself) uses an IP based virtual
host for your site, this is very important. SSL can't and won't work with
name based virtual hosts, the reason being that with name based virtual
hosts the routing information is encrypted within the body of the message.
With an IP based virtual host the routing information is available in the IP
header and is unencrypted allowing the web server to direct traffic to your
site. So make sure that you have an IP based virtual host. If not convince
the hosting service that you want one for SSL.

You will need a digital certificate. There are legions of companies out
there that can deliver them but you'd want a well known player in order to
be sure that all browsers support your SSL certificate. Every browser on the
planet contains a set of so-called root certificates, for instance open
Internet Explorer->Tools->Internet Options->Content->Publishers->Trusted
Root Certificate Authorities for a complete list. If your supplier isn't on
that list your customers will get all kinds of alarming popups that won't do
a lot of good for your reputation :-) If you want to be on the safe side you
can get a certificate from VeriSign, Thawte, Equifax or GTE.

The process for getting SSL up and running is split up into three parts:
- creating a certificate request, see
http://www.thawte.com/support/keygen/index.html# and select Apache+mod_ssl
- requesting a certificate, http://www.thawte.com/support/buy_renew.html and
http://www.thawte.com/guides/pdf/StepByStepEnrolmentSSLSGC.pdf
- installing a certificate,
http://kb.thawte.com/esupport/thawte/esupport.asp?id=vs18238

All three steps are well documented.

If you can have your hosting service carry out all steps I would advise you
to go that way. For a novice user it can all be a bit daunting. You can
ignore various remarks in this thread about having to include javascript or
whatever in your pages, that's just sheer nonsense :-)

Hope this helps out

Cheers

Meint
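
Added example, not part of the post above or of Thawte's documentation: a shell sketch of the first step (creating the certificate request for Apache+mod_ssl), plus a check that the certificate the CA returns matches your private key before you install it. It assumes the `openssl` command-line tool is installed; the host name, organisation, file names and the 2048-bit RSA key size are constructed choices for this example.

```shell
#!/bin/sh
# Added example. "Example Shop" and the file names used with these
# functions are constructed placeholders, not values from the post.

# make_csr KEYFILE CSRFILE COMMON_NAME
# Creates an unencrypted RSA private key and a certificate request (CSR).
# The subshell umask keeps the key readable by its owner only.
make_csr() {
    ( umask 077
      openssl req -new -newkey rsa:2048 -nodes \
          -keyout "$1" -out "$2" \
          -subj "/C=GB/O=Example Shop/CN=$3" 2>/dev/null )
}

# csr_subject CSRFILE
# Prints the subject so you can confirm the common name is the exact
# host name customers will type, before sending the CSR to the CA.
csr_subject() {
    openssl req -in "$1" -noout -subject
}

# pubkey_of FILE
# Prints the public key held in a PEM private key, CSR or certificate.
# The file type is taken from its first "-----BEGIN" line.
pubkey_of() {
    case "$(sed -n '/-----BEGIN/{p;q;}' "$1")" in
        *"CERTIFICATE REQUEST"*) openssl req  -in "$1" -noout -pubkey ;;
        *"CERTIFICATE"*)         openssl x509 -in "$1" -noout -pubkey ;;
        *"PRIVATE KEY"*)         openssl pkey -in "$1" -pubout ;;
        *) return 2 ;;
    esac 2>/dev/null
}

# same_key FILE_A FILE_B
# Succeeds only if both files carry the same public key. Run it on the
# key and the issued certificate before pointing mod_ssl at them: a
# mismatched pair is a common reason Apache refuses to start with SSL.
same_key() {
    a=$(pubkey_of "$1") || return 2
    b=$(pubkey_of "$2") || return 2
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# Typical use (constructed file names):
#   make_csr shop.key shop.csr shop.example.com
#   csr_subject shop.csr
#   same_key shop.key shop.crt && echo "key and certificate match"
```

Only the CSR goes to the certificate authority; the private key stays on the server.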
