<
SSL (Secure Sockets Layer)
Please choose from the following questions.
If you can't find your question, please
let us
know and we'll answer it in e-mail and add it
to the FAQ.
- What does SSL mean?
- Why is that when I try to access a
secure web page on your server my browser shows an error message saying
something about an "unknown authority", and won't load the page.
- How do I use SSL?
- Does SSL work with Netscape only?
- What advantage, if any, is there to a
secure page using SSL?
- Why can I use
https://servername/~accountname but not https://virtualhostname ?
- I am trying to use cgiemail and am having trouble
getting it to work with SSL. What am I doing wrong?
- After a user submits an order using a secure web
form (using cgiemail), if I telnet into he.net and read it using pine is it
still secure?
- How do I use frames with SSL?
- How do I get a secure form to send
encrypted email?
- How do I correctly call a cgi
script from within a secure form?
What does SSL mean?
SSL is an acronym for Secure Sockets Layer. It is a
protocol used for authenticating and encrypting web traffic.
For web traffic to be authenticated means that your browser is able to
verify the identity of the remote server. For web traffic to be
encrypted means that traffic between the server and your browser is
scrambled so that it is unintelgible if intercepted.
Why is that when I try to access a
secure web page on your server my browser shows an error message saying
something about an "unknown authority", and won't load the page.
We have changed all of the secure certificates on our servers to Thawte. Because at one time the only
certifying agency was Verisign, older web browsers will only
recognize secure certificates from them. To avoid getting error messages in
the future you should upgrade to the current version of your web browser at:
http://www.thawte.com/serverbasic.crt
How do I use SSL?
All accounts include a secure web directory. Your secure web directory is
named:
/home/acctname/secure_html
where "acctname" is your account name. Your secure web URL is:
https://servername/~acctname
where "servername" is the name of the server your account is on. An
example secure web URL might be:
https://atlas.he.net/~retailer
To invoke user CGI scripts using SSL use:
https://servername/cgi-bin/suid/~acctname/scriptname
To invoke system CGI scripts (such as cgiemail) using SSL use:
https://servername/cgi-bin/scriptname
Does SSL work with Netscape only?
It also works with Microsoft's Internet Explorer (or any other SSL
compatible browser).
What advantage, if any, is there to a
secure page using SSL?
The page and any response using forms on it are encrypted in transit so
that eavesdroppers which may observe raw traffic passing through their
networks can't read it. This is especially useful in shared environments,
such as a college campus or a large office which uses standard 10 base T
ethernet hubs or thin ethernet, where all machines can see all traffic.
The use of a secure form increases the willingness of people to submit
orders online using their credit card, which means increased sales for
you.
Why can I use
https://servername/~accountname but not https://virtualhostname ?
The digital certificates used in SSL are issued by certificate authorities
(such as VeriSign). A digital certificate will only work for the specific
domain name it was issued for.
To obtain a digital certificate you must prove that you have the legal
right to use the domain name the certificate is to be issued for, prove
that you are who you say you are (for a corporation you may be required to
provide its articles of incorporation), and pay the necessary fee ($295
for the first year if you use VeriSign) to the certificate authority.
We have purchased digital certificates for all of our web servers to save
you the cost, delay, and difficulty of obtaining a certificate. To take
advantage of our preinstalled digital certificates you must use the domain
name of the server in your https (SSL) URL.
I am trying to use cgiemail and am having
trouble getting it to work with SSL. What am I doing wrong?
This is because cgiemail is looking in your public_html directory, not the
secure_html directory.
The simplest way to fix this is to delete your secure_html directory and
create a symlink from it to your public_html directory. You then store
your secure and public documents both in your public_html directory. Here
are the unix commands to do this (after telnetting to the server):
rmdir secure_html
ln -s public_html secure_html
After a user submits an order using a secure web
form (using cgiemail), if I telnet into he.net and read it using pine is it
still secure?
SSL encrypts web transactions between a client web browser and a web
server. SSL is a big win because it enables a customer at a college
campus (a high security risk environment) to place an order with the
knowlege that other local workstations won't be able to eavesdrop. Once
the data is on the server, the security of a telnet session depends on the
path between you and the server. So it depends on how much you trust the
networks you cross reaching us.
How do I use frames with SSL?
When using frames with ssl, a new window must be created
otherwise ssl
will not work.
How do I get a secure form to send
encrypted email?
You would use PGP (Pretty Good Privacy) for that. Please see:
http://web.mit.edu/network/pgp.html
How do I correctly call a cgi
script from within a secure form?
Please use:
https://server/cgi-bin/suid/~accountname/scriptname
Make sure to replace where it says server with your
domain name or the domain name on which your account is located. Also
replace where it says accountname with the name of your
account and scriptname with the name of your script.
Back to FAQ Index
| |
Send E-Mail to:
comments@dss-sites.com
http://www.dss-sites.com
Dealer Support Services
203 Pine Street
Fulton, NY 13069-2429
Phone: (315) 598-8082
Fax: (315) 422-3837 |