TwelvestoneFront End

HTTPS for SSL encryption

Sign in

Not a member? Sign up
Forgot your password?
Didn't receive confirmation instructions?
  • Waiting for Godot ( 730 k posts )
    Just conversation.
  • Thunder Dome ( 23 k posts )
    Photoshop Tennis and Collabs.
  • Photography ( 5.1 k posts )
    For all you shutterbugs, sh...
  • Flash ( 18 k posts )
    ActionScripting to tweens, ...
  • Front End ( 5.9 k posts )
    general front end design an...
  • Back End ( 9.7 k posts )
    serverside scripting, progr...
  • Projects and Theory ( 12 k posts )
    This forum is for discussio...
  • FAQ ( 269 posts )
    All those nagging questions...
  • Design ( 17 k posts )
    graphics & all aspects of g...
  • Purgatory ( 3.6 k posts )
    12stone Jail, feel free to ...
Suzy
 
2010-03-01

Hi guys, I'm hoping someone can help me out please. I have had a client ask me the following:

_Just a quick question re HTTPS for the SSL encryption of the candidate submissions part of the web site.

How many pages and what's involved to move it to a SSL site or a DNS sub domain eg if we get some hosting for the crypt.(website-name).co.uk and then SSL this site, then we can just move the candidate submisisions part / pages?_

Basically it's a lengthy form on a website over about 6 pages with a submit page at the end but it is asking for a lot of peoples personal details which needs to be kept secure. I've never done this before and I just wondered how I should reply to my client and what will be involved for me?

Thanks, Suzy k

scudsucker
 
2010-03-01

An SSL cert would apply to the entire domain (or sub-domain)

The cost is also per site rather than by number of pages.

Installing a certificate is very easy, too. You basically import it into IIS (assuming Windows!)

The cheapest certification at present is from Comodohttp://www.comodo.com/

You can create a self-signed certificate to test the site before you purchase a real one, obviously no-one is going to trust your own cert so you'd have to eventually purchase one. Seehttp://www.somacon.com/p42.php

Or - the really easy way - request your ISP to set up https!

Suzy
 
2010-03-02

Cheers scudsucker k The site is hosted elsewhere so do I just get the hosting company to set that up and all I have to do is change the link to the pages that I will move to that sub domain?

scudsucker
 
2010-03-02

Yes sounds pretty much what you need.

As I am sure you know, the subdomain can be set up to point to the same website - so crypt.(website-name).co.uk would point to the (website-name).co.uk site.

Then it is just a metter of ensuring that the pages that are supposed to be SSL detect for SSl and redirect to the https equivalent - and obviously, all the links point to the https version. (seehttp://classicasp.aspfaq.com/general/how-do-i-redirect-an-http/request-to-https/ for ASP Vbscript )

Also - remember that session vars will not persist from the non-https to the http subdomains, so if you are saving any data in session that is required by the https pages, make sure it is obtained in the subdomain.

Suzy
 
2010-03-02

Cheers for that scudsucker! Very helpful indeed as I didn't know about the crypt or the session vars bits. Thanks again k

Sorry, you must be a member to post to a conversation. Either log in or sign up to get involved.
TwelvestoneFront End

HTTPS for SSL encryption

Powered by Twelvestone Hosted Forums