Re: SSL questions

From: Andrew Bullock (trullockNO_at_SPAMyahoo.com)
Date: 01/02/05

• Next message: Cameron: "Re: Replacing items in a string"
• Previous message: Rampar: "Replacing items in a string"
• In reply to: M.E. Post: "Re: SSL questions"
• Next in thread: Luigi Donatello Asero: "Re: SSL questions"
• Reply: Luigi Donatello Asero: "Re: SSL questions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Date: Sun, 02 Jan 2005 00:51:59 GMT

M.E. Post wrote:
> "Andrew Bullock" <trullockNO@SPAMyahoo.com> wrote in message
> news:g4IAd.750$AU1.219@newsfe5-win.ntli.net...
>
>>Hi,
>>
>>I'm pretty good with html and php, been doing it for years however I have
>>only just begun trying to use SSL and secure browsing.
>>
>>I've just written a shopping cart system and come to the payment part and
>>realised I know nothing!
>>
>>All ive managed to deduce is that i need some kind of certificate and
>>https hosting.
>>
>>Could someone give me a brief (or preferrably in depth) overview of the
>>process required for me to implement a credit card payment system
>>
>>I dont need exact details, just something along the lines of an
>>explaination as to how ssl works.
>>
>>Thanks
>>
>>Andrew Bullock
>
>
> Hi Andrew,
>
> The SSL stuff isn't to difficult once you know the basics :-) I'm assuming
> you use Apache as a web server. First off you need to ascertain whether your
> hosting service (or maybe you are hosting yourself) uses an IP based virtual
> host for your site, this is very important. SSL can't and won't work with
> name based virtual hosts, the reason being that with name based virtual
> hosts the routing information is encrypted within the body of the message.
> With an IP based virtual host the routing information is available in the IP
> header and is unencrypted allowing the web server to direct traffic to your
> site. So make sure that you have an IP based virtual host. If not convince
> the hosting service that you want one for SSL.
>
> You will need a digital certificate. There are legions of companies out
> there that can deliver them but you'd want a well known player in order to
> be sure that all browsers support your SSL certificate. Every browser on the
> planet contains a set of so called root certificates, for instance open
> Internet Explorer->Tools->Internet Options->Content->Publishers->Trusted
> Root Certificate Authorities for a complete list. If your supplier isn't on
> that list your customers will get all kinds of alarming popups that won't do
> a lot of good for your reputation :-) If you want to be on the safe side you
> can get a certificate from VeriSign, Thawte, Equifax or GTE.
>
> The process for getting SSL up and running is split up in three parts:
> - creating a certificate request, see
> http://www.thawte.com/support/keygen/index.html# and select Apache+mod_ssl
> - requesting a certificate, http://www.thawte.com/support/buy_renew.html and
> http://www.thawte.com/guides/pdf/StepByStepEnrolmentSSLSGC.pdf
> - installing a certificate,
> http://kb.thawte.com/esupport/thawte/esupport.asp?id=vs18238
>
> All three steps are well documented.
>
> If you can have your hosting service carry out all steps I would advice you
> to go that way. For a novice user it can all be a bit daunting. You can
> ignore various remarks in this thread about having to include javascript or
> whatever in your pages, that's just sheer nonsense :-)
>
> Hope this helps out
>
> Cheers
>
> Meint
>
>
>
>
>
Hi,

Although not knowing these exact details, I had kind of got this far.

What im stuck with is....then what?

SO Ive got a certificate installed, but so what? what does this mean?

Do i then just make a submission for their payment details as i might do
unsecurely, then just record POSTed credit card details and save them on
the server?

Thanks

Andrew Bullock

---

• Next message: Cameron: "Re: Replacing items in a string"
• Previous message: Rampar: "Replacing items in a string"
• In reply to: M.E. Post: "Re: SSL questions"
• Next in thread: Luigi Donatello Asero: "Re: SSL questions"
• Reply: Luigi Donatello Asero: "Re: SSL questions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Relevant Pages Re: SSL questions ... >> only just begun trying to use SSL and secure browsing. ... So make sure that you have an IP based virtual host. ... > the hosting service that you want one for SSL. ... > You will need a digital certificate. ... (alt.php) Re: SSL questions ... > only just begun trying to use SSL and secure browsing. ... With an IP based virtual host the routing information is available in the IP ... the hosting service that you want one for SSL. ... You will need a digital certificate. ... (alt.php) Re: SSL questions ... >> you use Apache as a web server. ... So make sure that you have an IP based virtual host. ... >> the hosting service that you want one for SSL. ... >> be sure that all browsers support your SSL certificate. ... (alt.php) Re: Proposal for a new PKI model (At least I hope its new) ... > Then the world would have no problem trusting your domain level PKI ... coined the term "certificate manufacturing" to distinquish from actual ... it turns out that one of the reasons for the SSL server domain name ... (sci.crypt) Re: New Method for Authenticated Public Key Exchange without Digital Certificates ... one of the motivating factors for the SSL domain name server ... server certificate, ... Was: PKI International Consortium ... (sci.crypt)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(10)