Register

The Most Active and Friendliest
Affiliate Marketing Community Online!

Register
“AdsEmpire”/  Direct Affiliate

SSL Certificates

I have the option turned off in my phpnuke site because I have no idea what it is :oops:
 
SSL

The Secure Socket Layer protocol was created by Netscape to ensure secure transactions between web servers and browsers. The protocol uses a third party, a Certificate Authority (CA), to identify one end or both end of the transactions. This is in short how it works.

1.

A browser requests a secure page (usually https://).
2.

The web server sends its public key with its certificate.
3.

The browser checks that the certificate was issued by a trusted party (usually a trusted root CA), that the certificate is still valid and that the certificate is related to the site contacted.
4.

The browser then uses the public key, to encrypt a random symmetric encryption key and sends it to the server with the encrypted URL required as well as other encrypted http data.
5.

The web server decrypts the symmetric encryption key using its private key and uses the symmetric key to decrypt the URL and http data.
6.

The web server sends back the requested html document and http data encrypted with the symmetric key.
7.

The browser decrypts the http data and html document using the symmetric key and displays the information
Click to expand...

and

How do you know that you are dealing with the right person or rather the right web site. Well, someone has taken great length (if they are serious) to ensure that the web site owners are who they claim to be. This someone, you have to implicitly trust: you have his/her certificate loaded in your browser (a root Certificate). A certificate, contains information about the owner of the certificate, like e-mail address, owner's name, certificate usage, duration of validity, resource location or Distinguished Name (DN) which includes the Common Name (CN) (web site address or e-mail address depending of the usage) and the certificate ID of the person who certifies (signs) this information. It contains also the public key and finally a hash to ensure that the certificate has not been tampered with. As you made the choice to trust the person who signs this certificate, therefore you also trust this certificate. This is a certificate trust tree or certificate path. Usually your browser or application has already loaded the root certificate of well known Certification Authorities (CA) or root CA Certificates. The CA maintains a list of all signed certificates as well as a list of revoked certificates. A certificate is insecure until it is signed, as only a signed certificate cannot be modified. You can sign a certificate using itself, it is called a self signed certificate. All root CA certificates are self signed.
Click to expand...

More on http://www.tldp.org/HOWTO/SSL-Certificates-HOWTO/x64.html
 
:)

It's all about safety and who do you trust. I think it depends on the type of website you run.. it's your choice. Security is always GOOD :)
 
Re: SSL

novocaine said:
The Secure Socket Layer protocol was created by Netscape to ensure secure transactions between web servers and browsers. The protocol uses a third party, a Certificate Authority (CA), to identify one end or both end of the transactions. This is in short how it works.

1.

A browser requests a secure page (usually https://).
2.

The web server sends its public key with its certificate.
3.

The browser checks that the certificate was issued by a trusted party (usually a trusted root CA), that the certificate is still valid and that the certificate is related to the site contacted.
4.

The browser then uses the public key, to encrypt a random symmetric encryption key and sends it to the server with the encrypted URL required as well as other encrypted http data.
5.

The web server decrypts the symmetric encryption key using its private key and uses the symmetric key to decrypt the URL and http data.
6.

The web server sends back the requested html document and http data encrypted with the symmetric key.
7.

The browser decrypts the http data and html document using the symmetric key and displays the information
Click to expand...

and

How do you know that you are dealing with the right person or rather the right web site. Well, someone has taken great length (if they are serious) to ensure that the web site owners are who they claim to be. This someone, you have to implicitly trust: you have his/her certificate loaded in your browser (a root Certificate). A certificate, contains information about the owner of the certificate, like e-mail address, owner's name, certificate usage, duration of validity, resource location or Distinguished Name (DN) which includes the Common Name (CN) (web site address or e-mail address depending of the usage) and the certificate ID of the person who certifies (signs) this information. It contains also the public key and finally a hash to ensure that the certificate has not been tampered with. As you made the choice to trust the person who signs this certificate, therefore you also trust this certificate. This is a certificate trust tree or certificate path. Usually your browser or application has already loaded the root certificate of well known Certification Authorities (CA) or root CA Certificates. The CA maintains a list of all signed certificates as well as a list of revoked certificates. A certificate is insecure until it is signed, as only a signed certificate cannot be modified. You can sign a certificate using itself, it is called a self signed certificate. All root CA certificates are self signed.
Click to expand...

More on http://www.tldp.org/HOWTO/SSL-Certificates-HOWTO/x64.html
Click to expand...

Thanks Novo,
This is quite informative.
Lanre
 
Yea we're running it without a cert for now, it looks like. Luckily for me, the checkout process is done on Google's servers, which are running on the secure layer, so I'm not worried about customers losing their moneys at least.

As far as stock goes, I don't think we're going to have it managed automagically, here's to hoping it's not going to be me updating it..
 

Similar threads

G
how to use ssl and https with wordpress?
Replies
11
Views
2K
no2pencil
no2pencil
S
What SSL do you prefer ??
Replies
5
Views
1K
Rackend
R
J
Going online with a new site – SSL Certificate issue!!!
Replies
1
Views
2K
krystalpaul
K
temi
SSL Hosting with Velnetweb
Replies
0
Views
2K
temi
temi
MI
Back