amitjk
asked on
SSL Implementation
How to set up an existing http site to work on SSL .
What are the different steps involved . Maybe following questions will help me understand the implementation of SSL
(1) Can we add SSL to the web?
(2) How do we add SSL to our web?
(3) Since our servers are managed by a third party vendor , I need to know what to ask them to do. (4) How it will impact or website.
(5) Do we need to provide a digital certificate? If so , where do we get one.
Best Regards
Amit
What are the different steps involved . Maybe following questions will help me understand the implementation of SSL
(1) Can we add SSL to the web?
(2) How do we add SSL to our web?
(3) Since our servers are managed by a third party vendor , I need to know what to ask them to do. (4) How it will impact or website.
(5) Do we need to provide a digital certificate? If so , where do we get one.
Best Regards
Amit
Lemme try that again for you...
#1: Yes, most likely
#2: Since you're not the actual host, you don't do anything except ask your host to change your website to SSL. Unless they give you some sort of web-based interface to manage your own website. Then typically, you can do it on your own
#3: Call up your host and say... "Can I change my website to use a secure connection since I have private data that will be tranferred back and forth?" Something along those lines.
#4: It will not impact your website directly. Users WILL have to go to https:// instead of http unless you forward them automatically to https or something. This you can discuss and setup most likely with your host.
#5: No, in almost no cases do you need to provide a digital certificate. Most hosting services provide one, or you can ask them to make you a self-signed certificate. This isn't the most secure, but it's free. If you DO need one, or want one for some reason from a trusted company, be ready to fork out good money yearly. That link provided above should suffice, it shows and reviews the major SSL certificate providers.
Just providing a different wording... imho. =)
- Insolence
#1: Yes, most likely
#2: Since you're not the actual host, you don't do anything except ask your host to change your website to SSL. Unless they give you some sort of web-based interface to manage your own website. Then typically, you can do it on your own
#3: Call up your host and say... "Can I change my website to use a secure connection since I have private data that will be tranferred back and forth?" Something along those lines.
#4: It will not impact your website directly. Users WILL have to go to https:// instead of http unless you forward them automatically to https or something. This you can discuss and setup most likely with your host.
#5: No, in almost no cases do you need to provide a digital certificate. Most hosting services provide one, or you can ask them to make you a self-signed certificate. This isn't the most secure, but it's free. If you DO need one, or want one for some reason from a trusted company, be ready to fork out good money yearly. That link provided above should suffice, it shows and reviews the major SSL certificate providers.
Just providing a different wording... imho. =)
- Insolence
wish I'd said that...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
probably
(2) How do we add SSL to our web?
You'll have to have a name registered in DNS, submit to a business check or be registered with Dun and Bradstreet or the like, and give somebody some money.
Apache: http://rocky.uta.edu/doran/vugm2001/
IIS: http://www.instantssl.com/ssl-certificate-support/cert_installation/iis_ssl_certificate_5x.html
(3) Since our servers are managed by a third party vendor , I need to know what to ask them to do.
If you have a co-located server see 5. If you have a managed web service just call and ask them.
(4) How it will impact or website.
More processor overhead for ssl delivered pages.
(5) Do we need to provide a digital certificate?
An SSL certificate is a digital document that says the Certificate Authority says the web site belongs to you. They will provide the necessary keys. If this is a shared server at a hosting company, they probably have a shared certificate you can use.
(6) If so , where do we get one.
http://www.sslreview.com/content/index.html