Author Topic: Web certificates (Read 1855 times)

Trimoor · « **on:** March 17, 2005, 09:37:04 am »

I would like to use SSL encryption on my website, if for nothing more than to keep out prying government people. How do I set up my server to do this? How do I create a self-signed certificate?

Thanks!

cholin · « **Reply #1 on:** March 17, 2005, 11:54:44 am »

Oh I asked a question like this once. I can't remember the whole thing, but if you have cPanel it saves you a ton of time. You enter some crap into the new certificate thing and it gives you like an encoded string, then you use a program in Windows XP (you need to have IIS or something installed as a component, you can do this in add/remove programs if you have the disc) and then you type in some signing information and it gives you a certificate

This was truly a horrible explanation since I winged it when I tried, but maybe it will jog someones memory?

Trimoor · « **Reply #2 on:** March 17, 2005, 12:23:25 pm »

I have a control panel, but it says SSL is disabled. The site is professionally hosted on an Apache server, so it can't be a windows program. (Besides, IIS is pure crap.)

I suppose I should ask my hosting service instead of here....

cholin · « **Reply #3 on:** March 17, 2005, 04:12:27 pm »

Yes you should, but to sign your own cert, you need to use IIS FROM YOUR OWN COMPUTER. Even if it says that SSL is disabled (meaning you can't use it anyway!) you can still generate certs.

rampy · « **Reply #4 on:** March 17, 2005, 05:10:46 pm »

you can generate your own certs on apache as well...

If you aren't the administrator to your site/server you'll probably need to contact them regardless... you just need them to turn on SSL (assuming it's been preconfigured to do so) You'll get a warning box about the certificate not being signed, but you're connection will still be encrypted.

Although not sure of the point.. or exactly what you are trying to do.

Note: your ftp uploads or downloads will still be in clear text... as will be your email to/from the server (unless you PGP it or the like)

I guess i'm saying... just having SSL enabled and surfing your site via SSL/https isn't going to keep "them" from being able to intercept whatever it is you're concerned about...

*shrug*

rampy

TalkingOctopus · « **Reply #5 on:** March 17, 2005, 05:48:43 pm »

Quote

if for nothing more than to keep out prying government people.

For what its worth, the NSA can probably crack anything you use. You can use Open SSL to generate certficates.

I too am confused about what you are trying to do. SSL is mainly used for commerce transactions to verify the seller and encrypt your credit card info. SSL provides server authentication to the client, encrytion with a session key and data authentication with implicit sequence numbers. If anyone can log onto your site and view it, then it serves no purpose.


Main	Restorations	Software	Audio/Jukebox/MP3	Everything Else	Buy/Sell/Trade
Project Announcements	Monitor/Video	GroovyMAME	Merit/JVL Touchscreen	Meet Up	Retail Vendors
Driving & Racing	Woodworking	Software Support Forums	Consoles	Project Arcade	Reviews
Automated Projects	Artwork	Frontend Support Forums	Pinball	Forum Discussion	Old Boards
Raspberry Pi & Dev Board	controls.dat	Linux	Miscellaneous Arcade	Wiki Discussion	Old Archives
Lightguns	Arcade1Up	Try the site in https mode		Site News


Unread posts \| New Replies \| Recent posts \| Rules \| Chatroom \| Wiki \| File Repository \| RSS \| Submit news

Author Topic: Web certificates (Read 1855 times)

Trimoor

Web certificates

cholin

Re: Web certificates

Trimoor

Re: Web certificates

cholin

Re: Web certificates

rampy

Re: Web certificates

TalkingOctopus

Re: Web certificates