Solved

SSL Implementation

Posted on 2003-12-09
4
755 Views
Last Modified: 2010-04-11
How to set up an existing http site to work on SSL .
What are the different steps involved . Maybe following questions will help me understand the implementation of SSL

(1) Can we add SSL to the web?
(2) How do we add SSL to our web?
(3) Since our servers are managed by a third party vendor , I need to know what to ask them to do. (4) How it will impact or website.
(5) Do we need to provide a digital certificate? If so , where do we get one.


Best Regards
Amit
0
Comment
Question by:amitjk
  • 2
  • 2
4 Comments
 
LVL 18

Expert Comment

by:chicagoan
ID: 9908345
(1) Can we add SSL to the web?
probably
(2) How do we add SSL to our web?
You'll have to have a name registered in DNS, submit to a business check or be registered with Dun and Bradstreet or the like, and give somebody some money.

Apache: http://rocky.uta.edu/doran/vugm2001/
IIS: http://www.instantssl.com/ssl-certificate-support/cert_installation/iis_ssl_certificate_5x.html

(3) Since our servers are managed by a third party vendor , I need to know what to ask them to do.
If you have a co-located server see 5. If you have a managed web service just call and ask them.
(4) How it will impact or website.
More processor overhead for ssl delivered pages.
(5) Do we need to provide a digital certificate?
An SSL certificate is a digital document that says the Certificate Authority says the web site belongs to you. They will provide the necessary keys. If this is a shared server at a hosting company, they probably have a shared certificate you can use.
(6) If so , where do we get one.
http://www.sslreview.com/content/index.html

0
 
LVL 5

Expert Comment

by:Insolence
ID: 9940942
Lemme try that again for you...

#1: Yes, most likely
#2: Since you're not the actual host, you don't do anything except ask your host to change your website to SSL.  Unless they give you some sort of web-based interface to manage your own website.  Then typically, you can do it on your own
#3: Call up your host and say... "Can I change my website to use a secure connection since I have private data that will be tranferred back and forth?"  Something along those lines.
#4: It will not impact your website directly.  Users WILL have to go to https:// instead of http unless you forward them automatically to https or something.  This you can discuss and setup most likely with your host.
#5: No, in almost no cases do you need to provide a digital certificate.  Most hosting services provide one, or you can ask them to make you a self-signed certificate.  This isn't the most secure, but it's free.  If you DO need one, or want one for some reason from a trusted company, be ready to fork out good money yearly.  That link provided above should suffice, it shows and reviews the major SSL certificate providers.

Just providing a different wording... imho.  =)

 - Insolence
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9941023
wish I'd said that...
0
 
LVL 5

Accepted Solution

by:
Insolence earned 75 total points
ID: 9944018
lol, chicagoan, what you said sounded french to me man.  I've done tech support for a long time, and if I said what you said above to any normal human being, they would be all "huh!?!".  And well, you didn't touch on the real answers IMHO.  No offense...
0

Featured Post

Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question