Definition of SSL
For an excellent resource on SSL basics, please go to http://www.verisign.com/site/ssl.html.
Information sent from one computer to another computer can pass through numerous other computers before it reaches the destination. These intermediary computers can monitor and replace the information that we are sending. So to safeguard privacy, we encrypt information before we send it over the Internet. So the encrypted data is meaningless for these intermediary persons and also if the data is changed , the intended recipient will know it was altered. SSL is a protocol used for this encryption purpose.
The Certification Authorities (CA) issues certificates. A certificate is a file that contains certain identifying information. The file is signed with the CA's private key to guarantee its authenticity. Both clients and servers can have certificates. When a server sends its certificate to a client, the process is called server authentication. When a client sends a certificate to a server, the process is called client authentication. Both the browser and the server use an SSL security handshake (exchange of certificates) to initiate a secure TCP/IP connection. The client and server agree on the level of security they will use and how to fulfill authentication requirements for their connection. After the handshake, the only role of SSL is to encrypt and decrypt the WWW service byte stream. The WWW service and the Web browser encrypt all the information in both request and response, including:
The URL the client is requesting Any submitted form contents, such as credit card numbers Any WWW service user names and passwords. All data the server sends back to the client
To learn more about SSL please check this site or see the External Links section below.
Vanity SSL
To enable Vanity SSL on your Free Linux account you can complete the following
- Login at https://manage.myhosting.com
- Click drop down menu on top right of the page and choose your subscription or choose All Domains
- Click the domain you wish to access
- Click on Website tab
- Click on WebSite Hosting Settings
- Click on SSL tab
- Here you can see your Vanity SSL URL
Your own GeoTrust SSL Certificate
myhosting.com has Partnered with eNom to provide customers with GeoTrust RapidSSL® and QuickSSL® 256-bit Certificates designed for securing communications between your customer and your web site. Trusted by over 99% of current Internet users, RapidSSL and QuickSSL certificates are an ideal and low cost way of securing trust on your website. We'll take care of all the configuration and setup for you. All you need to do is pay the yearly certification fee, starting at only $19.95 per year with a $25.00 setup fee.
Your secure site will be like https://www.domainname.com
Please note that an Exclusive IP is required to set up your SSL Certificate on your Windows or Linux Shared Hosting account.
You can sign up by completing the following.
- Log into your customer control panel at https://manage.myhosting.com
- Click on Billing
- Click on New Subscription
- Select GeoTrust SSL Certificates and then Choose Category
- Choose the Type of Certificate you want to purchase and then the Duration you want to register it for.
- Leave the Certificate Request (CSR) field blank and click Next.
- Fill in the details for your Certificate Signing Request and click Next.
- Choose Your Web Server Type. If you are buying your certificate for your Linux/Apache site, choose Apache + ApacheSSL. If you are buying it for your Windows/IIS7 site, choose Microsoft IIS6.0.
- Enter your Approver Email, making sure that the email address is in the list of accepted approvers.
- Make sure you save a copy of your Private Key. You'll need it later when you install your Certificate.
- Click Next and complete your order.
- You will then receive a confirmation email to your approver email address. You can then approve your order. When it is processed, you will receive your Certificate by email.
Installing your GeoTrust SSL Certificate
After you receive your final Certificate via email, you can then install it on your site.
Installing Your Certificate for your Windows/IIS7 Site
- Log into your control panel with your username and password.
- From the drop down list above, you must choose all domains.
- Once there click the Hosted domains tab up top.
- Click the domain you wish to install SSL on
- Under website tools section click on More Tools.
- Click the SSL button
- Click install Certificate and enable SSL as long as you have assigned a dedicated IP to the subscription
- You can use either File Repository, or Clipboard to upload your private key, and certificate.
Installing Your Certificate for your Linux/Apache Site
- Log into your control panel with your username and password.
- Log into your control panel with your username and password.
- You can choose the subscription from the top drop downlist
- Click the websites tab up top.
- Click the domain name in question
- Click the Web Hosting Settings button
- Click on the SSL tab up top
- Click on the install certificate button to start the installation.
You can choose Repository, File, or Clipboard to upload your own private key, and SSL
Your Own SSL Certificate
Generating a Certificate Signing Request (CSR)
To apply for your own SSL key, first generate a Certificate Signing Request (CSR) by following the instructions provided below:
These apply to an IIS7 web server.
- Log into your control panel with your username and password.
- Click on My Account
- Click on User Repository
- Click on Manage SSL Certificates
- Click on Create Certificate Signing Request
- You will need to fill in the details for your site, then confirm. The fields you will need to select or enter data for the CSR include: Bits, Country, State/Province, Location (City), Organization Name, Organization Unit Name, Common name (generally your URL, "www.mydomain.com"), and Email.
- Click on Next
- Click on the Download link to download a copy of the CSR. This is what you will use to purchase your certificate.
- Make sure to download and keep a copy of your Private Key in a safe place, you'll need it again when you install your certificate later.
The CSR is then used when requesting or purchasing an SSL certificate from a Certification Authority.
Once you have your certificate, you will need to install it on your server. Follow the instructions at Installing your GeoTrust SSL Certificate. The procedure is the same for non-GeoTrust certicates.
Uploading Files To Your Secure Site
To simplify matters, when SSL has been enabled on your account we bind your existing website home directory to the Vanity Certificate created for your site. Therefore, your secure and unsecure directories are the same. When you need to switch to a secure page, all you need to do is set the hyperlinks properly.
For example, you have a form named form.html and you want it to be secured, all you need to do is link it as:
<A HREF="https://yoursite.secure.myhosting.net/form.html">Form</A>
External Links
- wikipedia : SSL, Certification Authority, Certificate signing request (CSR), Extended Validation Certificate, Digital certificate, Digital Signature, Public key certificate, Public-key cryptography, Category:Public-key cryptography, Category:Certificate authorities, Subject Alternative Name (SAN), X.509
- wikipedia : Comparison of SSL certificates for web servers
- Open Directory : Third Party Certificate Authorities
- CSR Decoder and Certificate Decoder - can be used to decode and examine an encoded CSR or certificate.
- SSL Checker - can be used to test a certificate and that it has been installed corrrectly