Jump to content


Photo

HTTPS webpage


  • Please log in to reply
9 replies to this topic

#1 jeret

jeret

    Junior Member

  • Member
  • Pip
  • 49 posts
  • Main OS: Windows 2000

Posted 15 February 2012 - 04:15 AM

hi, how do i setup / create a https webpage with uniform server? we host our own web sites.

thank you..
Jeret Christopher WEB DESIGNER

#2 BobS

BobS

    Project Helper

  • Super Moderator
  • PipPipPip
  • 334 posts
  • Location:Santiago Chile
  • Interests:Retiring, computer systems, system design, model railroads....
  • Wiki ID: BobS
  • Main OS: Windows 7

Posted 15 February 2012 - 07:40 AM

The key here is httpS. That implies that the page is secured via SSL (or its other name, TLS). I see that we probably should create a Wiki article on this....

Assuming that you have already set up your ssl certificates, either by creating the "fake" self-signed cert or by actually obtaining a cert from a third party. By running the certificate installation procedure, you will have activated the secure vhost (which is actually what it is). This makes it so that http requests are served from www directory and https request are served from the ssl directory.

Now all you need to do is put your secure goodies in the ssl directory tree, and the non-secure in the regular www tree.

Clear? Simple? Yeah... One potential annoyance is with mixed content pages. If you can keep everything in the ssl tree, you'll avoid this. The hit on processor usage nowadays is nominal (you've retired the old Pentium III host?).

Last point: I have "cleaned up" the index.php files for www and ssl for Coral-8.1.1, and they look almost the same internally as well as externally. You might want to download these. They'll be included in the next Coral update, but for a while I'll have them available here. Attached File  Coral_811a.7z.txt   1.51KB   42 downloads Be sure to delete the .txt before un7zipping.

Regards,
BobS

#3 jeret

jeret

    Junior Member

  • Member
  • Pip
  • 49 posts
  • Main OS: Windows 2000

Posted 15 February 2012 - 09:07 PM

Hi BobS,

Thanks for the info but i'm not sure how to go about creating the ssl. do you have a website where i can learn on how to create this? i need to know the steps involved. Thanks.
Jeret Christopher WEB DESIGNER

#4 BobS

BobS

    Project Helper

  • Super Moderator
  • PipPipPip
  • 334 posts
  • Location:Santiago Chile
  • Interests:Retiring, computer systems, system design, model railroads....
  • Wiki ID: BobS
  • Main OS: Windows 7

Posted 16 February 2012 - 09:51 AM

Okay,
SSL has been available in The Uniform Server since 4-Mona, so this applies to all versions. If you look at the directory tree, you'll see that there is a www folder AND an ssl folder. A request for http:/mysite/index.html (on port 80) to Apache is directed to the www folder, and if the file is there, it is used for the reply. Similarly, a request for https:/mysite/index.html (on port 443 )is directed to the ssl folder, and if the file is there, it is used for the reply.

Look at this article in the Wiki: http://wiki.uniforms...ral:_apache_ssl and the following articles for much more detail. It's what you should have read first. :blink: BTW, ALL this information is included in the docs directory distributed with Coral. But who needs/reads the manual?

The ONLY difference between these two is that the ssl traffic requires a secure connection on port 443, which is automatically handled by the browser and the server.

So you've got me into test mode. Normally I don't set up ssl on my test servers, but to prove this out, I'm going to install a copy of WordPress in ssl instead of www, and see just what results I get.

If what I see and say are valid, then the ONLY difference will be that this particular copy of WP will ONLY be available via https:// on port 443.

Stay tuned.... :)

Regards,
BobS

#5 BobS

BobS

    Project Helper

  • Super Moderator
  • PipPipPip
  • 334 posts
  • Location:Santiago Chile
  • Interests:Retiring, computer systems, system design, model railroads....
  • Wiki ID: BobS
  • Main OS: Windows 7

Posted 16 February 2012 - 10:35 AM

Hot DOG!!
I just love it when something works as it was intended!

I now have a new instance of WordPress running on https://localhost/wordpress/ See the picture: Attached File  Secure_.JPG   24.17KB   49 downloads

Clarke's Third Law: "Any sufficiently advanced technology is indistinguishable from magic."
There's actually nothing magic about it when it's been explained.

Regards,
BobS

#6 jeret

jeret

    Junior Member

  • Member
  • Pip
  • 49 posts
  • Main OS: Windows 2000

Posted 16 February 2012 - 08:49 PM

Nice!!!! :blink:
Jeret Christopher WEB DESIGNER

#7 jeret

jeret

    Junior Member

  • Member
  • Pip
  • 49 posts
  • Main OS: Windows 2000

Posted 16 February 2012 - 09:04 PM

Hi BobS

what do you think about this website, complete steps on creating the ssl :

http://www.makeuseof...sl-certificate/
Jeret Christopher WEB DESIGNER

#8 BobS

BobS

    Project Helper

  • Super Moderator
  • PipPipPip
  • 334 posts
  • Location:Santiago Chile
  • Interests:Retiring, computer systems, system design, model railroads....
  • Wiki ID: BobS
  • Main OS: Windows 7

Posted 18 February 2012 - 11:17 AM

That's essentially what we have in The Uniform Server documentation!

If you have a copy of 8-Coral loaded, go to UniServer/docs/English/apache_free_server_cert.html , or go to http://wiki.uniforms...ree_server_cert (they're essentially the same).
As we engineering-types like to say, RTFM! :blink:

We also suggest using startssl.com as the supplier. A free certificate will get you past the problem of browser security alerts, but doesn't offer any deep assurance to your users about your site. In other words, don't use this type of certificate for a server that's going to be doing e-commerce or working with the general public. It's fine for your small circle of friends, or for side development and software testing.

Regards,
BobS

#9 jeret

jeret

    Junior Member

  • Member
  • Pip
  • 49 posts
  • Main OS: Windows 2000

Posted 19 February 2012 - 08:51 AM

Im still using nano, hope dats ok... Thx for the info :blink:
Jeret Christopher WEB DESIGNER

#10 BobS

BobS

    Project Helper

  • Super Moderator
  • PipPipPip
  • 334 posts
  • Location:Santiago Chile
  • Interests:Retiring, computer systems, system design, model railroads....
  • Wiki ID: BobS
  • Main OS: Windows 7

Posted 19 February 2012 - 09:03 AM

Well, yeah, but you're missing out on security updates and a lot more.
Don't even THINK of putting Nano open to the Internet! There are too many security holes that need to be filled.

Regards,
BobS




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users