Heya,
So I've never worked with an SSL certificate, I understand approximately what they are (a way for the browser to ensure the page the user is on is secure) but I'm not sure how to put them to use from a programming standpoint. Can someone give me a run down of what they are and how they're used?
Thanks!
How to use SSL certificates, need help... (beginner)
Moderator: General Moderators
-
WithHisStripes
- Forum Contributor
- Posts: 131
- Joined: Tue Sep 13, 2005 7:48 pm
-
crazycoders
- Forum Contributor
- Posts: 260
- Joined: Tue Oct 28, 2008 7:48 am
- Location: Montreal, Qc, Canada
Re: How to use SSL certificates, need help... (beginner)
Well first, you need to buy one, i will only give you generic points.
You need to generate a CSR (Certificate signing request) and send it to a certificate provider, there are COUNTLESS, browse them for the best price...
When the certificate returns, they will give you a HUGE blob of text that you need to install on your server, contact your admin to know how.
Finaly, develop your website and use relative links everywhere.. that means, never code a SRC or HREF using: "http://" always use "." or ".." or simply use direct filenames. Next, make sure you add a portion of code that detects if your user is getting a page in HTTPS. The rest is handled automatically, you don't need to speak a special language or code special things...
HTTPS automatically encrypts user requests towards the server and the server does so for you. You don't need to encode or decode anything yourself but you must make sure to always use relative links so that all your information comes either from HTTP or HTTPS not both or it may open your code to attacks.
Cheers
You need to generate a CSR (Certificate signing request) and send it to a certificate provider, there are COUNTLESS, browse them for the best price...
When the certificate returns, they will give you a HUGE blob of text that you need to install on your server, contact your admin to know how.
Finaly, develop your website and use relative links everywhere.. that means, never code a SRC or HREF using: "http://" always use "." or ".." or simply use direct filenames. Next, make sure you add a portion of code that detects if your user is getting a page in HTTPS. The rest is handled automatically, you don't need to speak a special language or code special things...
HTTPS automatically encrypts user requests towards the server and the server does so for you. You don't need to encode or decode anything yourself but you must make sure to always use relative links so that all your information comes either from HTTP or HTTPS not both or it may open your code to attacks.
Cheers