SSL Stuff

XML, Perl, Python, and other languages can be discussed here, even if it isn't PHP (We might forgive you).

Moderator: General Moderators

Post Reply
User avatar
shiznatix
DevNet Master
Posts: 2745
Joined: Tue Dec 28, 2004 5:57 pm
Location: Tallinn, Estonia
Contact:

SSL Stuff

Post by shiznatix »

Ok so I am using XAMPP and it has ssl configured into it and all that. Now I am making a site and want one section to be in using SSL and all that encryption stuff. This isnt a final product website but more of a practice site.

After reading tutorials and all sorts of other stuff about ssl I still dont quite understand. I want to make this one page secure and I want that the only way to access said page is through https. I don't know how to do any of this as when I go to https://localhost/anysite.php it just shows the regular page and has an icon saying that the site has unauthenticated content.

Does anyone know of a good tutorial for a guy who takes forever learning new stuff or maybe you already know how to do it and want to tell me ;P. Either would be fantastic.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

timvw
DevNet Master
Posts: 4897
Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium

Post by timvw »

And if you're looking for a certificate... http://www.cacert.org might be of interest...
User avatar
shiznatix
DevNet Master
Posts: 2745
Joined: Tue Dec 28, 2004 5:57 pm
Location: Tallinn, Estonia
Contact:

Post by shiznatix »

Ok first I am trying to keep a page from loading unless you have the certificate and everything. I tried to keep an entire directory off but no such luck, I did this and put it in my httpd.conf file:

Code: Select all

SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
<Location /cart/>
SSLCipherSuite HIGH:MEDIUM
</Location>
which I figured would allow all but the /cart/ directory to be viewed without a certificate and encryption and stuff, no luck. it does nothing.

I will begin to tackle the whole 'this certificate is for this site, let it be allowed' thing now.
Post Reply