Ask Question Forum:
Model Library:2025-02-08:A.I. model is online auto reply
C
O
M
P
U
T
E
R
2
8
Show
#
ASK
RECENT
←
- Underline
- Bold
- Italic
- Indent
- Step
- Bullet
- Quote
- Cut
- Copy
- Paste
- Table
- Spelling
- Find & Replace
- Undo
- Redo
- Link
- Attach
- Clear
- Code
Below area will not be traslated by Google,you can input code or other languages
Hint:If find spelling error, You need to correct it,1 by 1 or ignore it (code area won't be checked).
X-position of the mouse cursor
Y-position of the mouse cursor
Y-position of the mouse cursor
Testcursor
caretPos
Attachment:===
Asked by duncanb7
at 2024-05-12 21:36:57
Point:500 Replies:4 POST_ID:828554USER_ID:11059
Topic:
Miscellaneous Web Development;PHP Scripting Language;JavaScript
I hava concept and questions on HTTPS , hope you can help on it
1) Question-1 I know HTTPS using 443 port and HTTP using 80, could I use it on my share-server ?
But I try it before for my website but it didn't work such as
https//www.mysite.com instead of http://www.mysite.com. Is that
because my hosting company not allow me to do so ?
2) Question-2 If I get other PC for linux server, how can I let my sever
to accepte HTTPS ?
3) Question-3 I check it on wiki abotu server setup for HTTPS
-------Hypertext Transfer Protocol Secure (HTTPS) is a combination of the Hypertext Transfer Protocol (HTTP) with the SSL/TLS protocol. It provides encrypted communication to prevent eavesdropping and to securely identify the web server with which you are actually communicating. Historically, HTTPS connections were primarily used for payment transactions on the World Wide Web, e-mail and for sensitive transactions in corporate information systems.
Server setupTo prepare a web server to accept HTTPS connections, the administrator must create a public key certificate for the web server. This certificate must be signed by a trusted certificate authority for the web browser to accept it without warning. The authority certifies that the certificate holder is the operator of the web server that presents it. Web browsers are generally distributed with a list of signing certificates of major certificate authorities so that they can verify certificates signed by them.
[edit] Acquiring certificatesAuthoritatively signed certificates may be free[6][7] or cost between US$8[8] and $1,500[9] per year. However, in the case of free certificate authorities such as CACert, popular browsers (e.g. FireFox, Internet explorer) may not include the trusted root certificates, which may cause untrusted warning messages to be displayed to end users. StartSSL is an example of a service offering free certificates with extensive browser support.
Organizations may also run their own certificate authority, particularly if they are responsible for setting up browsers to access their own sites (for example, sites on a company intranet, or major universities). They can easily add copies of their own signing certificate to the trusted certificates distributed with the browser.
There also exists a peer-to-peer certificate authority, CACert.
[edit] Use as access controlThe system can also be used for client authentication in order to limit access to a web server to authorized users. To do this, the site administrator typically creates a certificate for each user, a certificate that is loaded into his/her browser. Normally, that contains the name and e-mail address of the authorized user and is automatically checked by the server on each reconnect to verify the user's identity, potentially without even entering a password.
I must have SSL Cerification and put it on my server by server administor(myself) before
server up for HTTPS , is that Right ? Where I get the Cerification ? What
is different betweeen Cerification and Authenority Key ?
Question-4, On Client side browser such as on user PC window xp computer,
suppose All browser automatically accept all HTTPS coming stream data by default, is it
Right ? Can I switch my browsers to accept HTTPS or NOT ?
Please Advise
Duncan
1) Question-1 I know HTTPS using 443 port and HTTP using 80, could I use it on my share-server ?
But I try it before for my website but it didn't work such as
https//www.mysite.com instead of http://www.mysite.com. Is that
because my hosting company not allow me to do so ?
2) Question-2 If I get other PC for linux server, how can I let my sever
to accepte HTTPS ?
3) Question-3 I check it on wiki abotu server setup for HTTPS
-------Hypertext Transfer Protocol Secure (HTTPS) is a combination of the Hypertext Transfer Protocol (HTTP) with the SSL/TLS protocol. It provides encrypted communication to prevent eavesdropping and to securely identify the web server with which you are actually communicating. Historically, HTTPS connections were primarily used for payment transactions on the World Wide Web, e-mail and for sensitive transactions in corporate information systems.
Server setupTo prepare a web server to accept HTTPS connections, the administrator must create a public key certificate for the web server. This certificate must be signed by a trusted certificate authority for the web browser to accept it without warning. The authority certifies that the certificate holder is the operator of the web server that presents it. Web browsers are generally distributed with a list of signing certificates of major certificate authorities so that they can verify certificates signed by them.
[edit] Acquiring certificatesAuthoritatively signed certificates may be free[6][7] or cost between US$8[8] and $1,500[9] per year. However, in the case of free certificate authorities such as CACert, popular browsers (e.g. FireFox, Internet explorer) may not include the trusted root certificates, which may cause untrusted warning messages to be displayed to end users. StartSSL is an example of a service offering free certificates with extensive browser support.
Organizations may also run their own certificate authority, particularly if they are responsible for setting up browsers to access their own sites (for example, sites on a company intranet, or major universities). They can easily add copies of their own signing certificate to the trusted certificates distributed with the browser.
There also exists a peer-to-peer certificate authority, CACert.
[edit] Use as access controlThe system can also be used for client authentication in order to limit access to a web server to authorized users. To do this, the site administrator typically creates a certificate for each user, a certificate that is loaded into his/her browser. Normally, that contains the name and e-mail address of the authorized user and is automatically checked by the server on each reconnect to verify the user's identity, potentially without even entering a password.
I must have SSL Cerification and put it on my server by server administor(myself) before
server up for HTTPS , is that Right ? Where I get the Cerification ? What
is different betweeen Cerification and Authenority Key ?
Question-4, On Client side browser such as on user PC window xp computer,
suppose All browser automatically accept all HTTPS coming stream data by default, is it
Right ? Can I switch my browsers to accept HTTPS or NOT ?
Please Advise
Duncan
Author: duncanb7 replied at 2024-05-13 10:06:41
Thanks for your reply and get more understanding at
google "Free SSL certification" and try their trial for 30 days
with my CPane; SSL/TPS manager
Duncan
google "Free SSL certification" and try their trial for 30 days
with my CPane; SSL/TPS manager
Duncan
Accepted Solution
Expert: bportlock replied at 2024-05-13 09:58:30
100 points GOOD
All Apache servers will server both HTTP and HTTPS and cURL does not care which you use either. All browsers support HTTPS
The only question is whether YOU have to set it up or your service provider will do it for you. To be honest, if your service provider will sell you the certificate and install it for you then get them to do it.
The only question is whether YOU have to set it up or your service provider will do it for you. To be honest, if your service provider will sell you the certificate and install it for you then get them to do it.
Author: duncanb7 replied at 2024-05-13 04:52:36
Dear bportlock,
Thanks for your detail answer, now I understand more and Icheck with my hosintg company
who tell me to follow the link below to use curl with HTTPS
http://unitstep.net/blog/2009/05/05/using-curl-in-php-to-access-HTTPS-ssltls-protected-sites/
now I check my php.ini file which support openSSL so in other words, it supports
HTTPS(SSL) , IS that right ?
I just need to buy certification from GeoTrush and redirect my expect website by curl function with SSL certification included as mentioned on the link above. The cerficiation might be in cer or crt or others format. After all Trused HTTPS communication will be done , Is that right ?
And finally, if both server-side(SSL enable) and client side(all browsers accept HTTPS)
accept HTTPS protocol communcation, the users should be able to display all https website information whateve the site have SSL certification or NOT, Is that right ?
All browser will warn the user if they view No certificiation(untrust) website before
display the https info, Right ?
Hope you can kindly answer to those question and won't have continuing question and
I will close this thread after that and open new thread for Trust Cert from Vendor Company
Please advise
Duncan
Thanks for your detail answer, now I understand more and Icheck with my hosintg company
who tell me to follow the link below to use curl with HTTPS
http://unitstep.net/blog/2009/05/05/using-curl-in-php-to-access-HTTPS-ssltls-protected-sites/
now I check my php.ini file which support openSSL so in other words, it supports
HTTPS(SSL) , IS that right ?
I just need to buy certification from GeoTrush and redirect my expect website by curl function with SSL certification included as mentioned on the link above. The cerficiation might be in cer or crt or others format. After all Trused HTTPS communication will be done , Is that right ?
And finally, if both server-side(SSL enable) and client side(all browsers accept HTTPS)
accept HTTPS protocol communcation, the users should be able to display all https website information whateve the site have SSL certification or NOT, Is that right ?
All browser will warn the user if they view No certificiation(untrust) website before
display the https info, Right ?
Hope you can kindly answer to those question and won't have continuing question and
I will close this thread after that and open new thread for Trust Cert from Vendor Company
Please advise
Duncan
Assisted Solution
Expert: bportlock replied at 2024-05-13 02:29:54
400 points GOOD
1) Question-1 I know HTTPS using 443 port and HTTP using 80, could I use it on my share-server ? But I try it before for my website but it didn't work such as
https//www.mysite.com instead of http://www.mysite.com. Is that
because my hosting company not allow me to do so ?
It depends on your hosting service. Some companies do not let you set up secure HTTP others do. Contact your hoster and ask. Many hosters offer a PAID service to install the certificate because it is not a simple process and it is easy to get it wrong.
2) Question-2 If I get other PC for linux server, how can I let my sever
to accepte HTTPS ?
Once again, this depends on who does your hosting. If you are running your own server then there is a set procedure for installing a secure certificate and you must be careful to follow the procedure. You must also be careful about the certificate you buy as they have different capabilities and different prices attached.
3) Question-3 I check it on wiki abotu server setup for HTTPS
I must have SSL Cerification and put it on my server by server administor(myself) before
server up for HTTPS , is that Right ? Where I get the Cerification ? What
is different betweeen Cerification and Authenority Key ?
You buy a certificate from an approved authority such as GeoTrust or Verisign. You can make your own certificate but it will flag up as an untrusted certificate and this usually frightens users that they are being hacked.
http://www.geotrust.com/ssl/
http://www.verisign.co.uk/ev-sem-page/index.html?sl=t49600343700000018
The certificate comes in a number of parts and these need to be installed in secure areas of the server and the Apache configuration modified accordingly.
Question-4, On Client side browser such as on user PC window xp computer,
suppose All browser automatically accept all HTTPS coming stream data by default, is it
Right ? Can I switch my browsers to accept HTTPS or NOT ?
Browsers will accept either HTTP or HTTPS. The normal procedure (if you want to force all traffic to be HTTPS) is to install a redirection in your website Apache configuration to force all traffic over to the HTTPS version.
https//www.mysite.com instead of http://www.mysite.com. Is that
because my hosting company not allow me to do so ?
It depends on your hosting service. Some companies do not let you set up secure HTTP others do. Contact your hoster and ask. Many hosters offer a PAID service to install the certificate because it is not a simple process and it is easy to get it wrong.
2) Question-2 If I get other PC for linux server, how can I let my sever
to accepte HTTPS ?
Once again, this depends on who does your hosting. If you are running your own server then there is a set procedure for installing a secure certificate and you must be careful to follow the procedure. You must also be careful about the certificate you buy as they have different capabilities and different prices attached.
3) Question-3 I check it on wiki abotu server setup for HTTPS
I must have SSL Cerification and put it on my server by server administor(myself) before
server up for HTTPS , is that Right ? Where I get the Cerification ? What
is different betweeen Cerification and Authenority Key ?
You buy a certificate from an approved authority such as GeoTrust or Verisign. You can make your own certificate but it will flag up as an untrusted certificate and this usually frightens users that they are being hacked.
http://www.geotrust.com/ssl/
http://www.verisign.co.uk/ev-sem-page/index.html?sl=t49600343700000018
The certificate comes in a number of parts and these need to be installed in secure areas of the server and the Apache configuration modified accordingly.
Question-4, On Client side browser such as on user PC window xp computer,
suppose All browser automatically accept all HTTPS coming stream data by default, is it
Right ? Can I switch my browsers to accept HTTPS or NOT ?
Browsers will accept either HTTP or HTTPS. The normal procedure (if you want to force all traffic to be HTTPS) is to install a redirection in your website Apache configuration to force all traffic over to the HTTPS version.