Page 1 of 1
SSL question
Posted: Sun May 13, 2007 3:22 am
by funguru
Hi.. i am designing a database driven website for a client with login info etc.. half way down the project the client wants the website on secure server.. therefore i am getting the server a SSL docomo certificate..
my question is, what changes would i need to do (if any) for my login and other pages to work while there are in SSL server?
i got to know that mostly no changes are required to the code.. but then would i have to enter all absolute url's while linking or can this work with relative url's too?
Thanks
Posted: Sun May 13, 2007 3:33 am
by timvw
If you're using relative urls this will have zero impact.. Otherwise you'll need to change http with https...
Posted: Sun May 13, 2007 5:30 am
by funguru
does that mean that i will have to change all the relative url's to absolute and add https:// for ssl to work? no other way out?
Posted: Sun May 13, 2007 6:02 am
by timvw
funguru wrote:does that mean that i will have to change all the relative url's to absolute and add https:// for ssl to work? no other way out?
Why would you want to convert a relative url to an absolute one?
Posted: Sun May 13, 2007 6:06 am
by funguru
all relative url's will naturally be http:// so how else can i make them https:// ?
Posted: Sun May 13, 2007 7:27 am
by Ollie Saunders
all relative url's will naturally be http://
They will?!
If however you are talking about redirects:
then you should write them as absolute anyway.
Posted: Sun May 13, 2007 9:02 am
by funguru
what i meant was that all urls will be
http://www.mycompany.com/login.php..
how can i get them all to be
https://www.mycompany.com/login.php ? is there a script which i would need to add to make them all https instead of http?
Posted: Sun May 13, 2007 12:42 pm
by Ollie Saunders
Are you certain? Have you tried it?
Posted: Sun May 13, 2007 8:58 pm
by funguru
no i have not tried it.. but it seems that way.
Posted: Sun May 13, 2007 11:27 pm
by Stryks
It's really worth trying things out, if for no other reason than just to see if it *would* work. It should only take a few seconds and will really help with understanding things much better than even the best and clearest of explanations.
Actually, I wonder why the call them relative urls. Relative to what I wonder.
Because unless you have a base href set somewhere ....
Posted: Sun May 13, 2007 11:46 pm
by funguru
I did try it out and i think it will work without a problem... i was thinking that evertime a file is requested the browser would automatically go to http:// but it seems like once it running under https:// it will follow the same theme unless a special link with http:// is created to exit the secure area.
thanks for the help
Posted: Sun May 13, 2007 11:49 pm
by John Cartwright
Stryks wrote:Actually, I wonder why the call them relative urls. Relative to what I wonder.
To the current directory
Posted: Sun May 13, 2007 11:54 pm
by Stryks
To the current directory
Yeah ... I was a bit vague I know ... just my attempt at hinting that once the page is shown in https: the relative links will be relative to https: (unless a base href is set otherwise I believe).
Sorry about the confusion.

Posted: Thu May 17, 2007 6:31 pm
by RobertGonzalez
I know this is a few days old, but on SSL, if you are using cookies, you may want to make sure you set the cookie_secure flag in the
setcookie() function. Also, if your entire site will be behind SSL, you may want to edit your server config to forward all port 80 traffic to port 443 (or whatever your secure port is).