netbasiks.comCall us tollfree at 1-888-765-5532
 
 

 


Information Center

Web Site Hosting
Prices and Plans
Compare Our Plans
Order Online

Domain Registration
Manage Your Domains
Check Domain Availability
Order new Domains

Online Support
Reseller Program
Our Network
FAQ
Contact Us



 




netbasiks.com Technical Support: SSL

 

Secure Socket Layers (SSL)

What is Secure Sockets Layer (SSL)?

Secure Sockets Layer (SSL) is a system that allows for a private connection when communicating with other SSL-enabled products. It is symmetric encryption nested within public-key encryption and authenticated through the use of certificates. A SSL connection can only occur between an SSL-enabled client and an SSL-enabled server. In fact, when a server is running in SSL mode, it can only communicate through SSL.


What are Certificates?

A digital certificate is a statement signed by an independent and trusted third party. The statement usually follows very a specific format, laid down in a standard called X509, but it doesn't have to.


A certificate contains three elements:

1. Subject Name and Other Certificate Extensions
This is information about the object being certified. In the case of a person this might include your name, nationality and email address, your organization, and the department within that organization where you work. It could also include a picture of you, a codification of your fingerprints, your passport number, and so on.

2. Public Key Information
This is the public key of the entity being certified. The certificate acts
to bind the public key to the attributes information described above. The
public key can be any asymmetric key, but is usually an RSA key
.

3. Certifying Authority Signature
The CA signs the first two elements and thereby adds credibility to the certificate. People who receive the certificate check the signature and will believe the attribute information / public key binding if they trust that certifying authority.


Sharing or Obtaining a SSL Certificate

You can share one of netbasiks.com's certificates if you are just getting started and don't want to purchase your own. If you are serious about security and run an e-commerce web site, netbasiks.com recommends getting your own certificate. Besides the security and stability advantages, now visitors can access your secure site with your domain name and not as a directory of the server you are on. (https://www.yourdomain.com as opposed to https://ssl.server.com/yourdomain/). When you get your own certificate, your customers see your name on the certificate and not ours.

Sharing

If you decide to share our certificate, your site is automatically set up with it at https://ssl.securenameservers.com/yourdomain/. For example, if your domain name is is justkidding.com your secure url will be (note https, not http): https://ssl.securenameservers.com/justkidding/

You can find the server you are on from the welcome letter netbasiks.com sent you. 

Getting your own Certificate.

netbasiks.com recommends that you purchase your own certificate. Although the certificate we provide is 128bit encrypted, and conducting transactions through it is very safe and secure, many of our clients prefer to buy their own certificate. You can get your own certificate from a variety or sources. You can get a certificate from:

    www.thawte.com

    www.verisign.com

    www.entrust.net

Steps to obtaining your own Certificate

1. To obtain your own certificate, companies like Thawte need proof of identity. A proof of organizational name and proof of the right to a domain name are required. For specific details, look here: http://www.thawte.com/certs/server/docs.html

2. Go to your control panel. Here you can generate a Certificate Signing Request (CSR) and RSA private key that needs to be sent to the certificate issuing company. Contact a certificate issuing company with the private RSA key and your necessary identification information or use the control panel submission feature.

3. The process for installing a certificate is fairly automated from here. You still need the information obtained in step one. Follow the instructions for placing the necessary information in the text fields. You place the RSA private key in the text area first, then the certificate key that was sent to you by whomever you purchased it from.


Using Front Page with SSL

Using secure forms with front page and a shared certificate can cause problems. While we've found this to work sporadically it most often doesn't. If you want to use secure forms with front page you will have to purchase your own certificate.

Links

http://developer.netscape.com/quickfind.cgi?cp=dev01qfin

http://developer.netscape.com/tech/security/ssl/howitworks.html


Configuring CGI Scripts Using SSL

How do I call a CGI script securely?

To execute cgi-sys scripts under a secure connection, you must submit a support request to activate SSL for your account.

Using your local CGI BIN, your path would look like this:
https://ssl.securenameservers.com/yourdomain/cgi-bin/file.pl

If you would like to use formmail.pl securely you first need to:

1. Save a copy of this script on your local hard drive.

2. Upload the formmail.pl file into your local /cgi-bin directory. Then, instead of calling the universal /cgi-sys directory, you would call your own /cgi-bin directory. It would look something like this:
https://
ssl.securenameservers.com/domain/cgi-bin/formmail.pl
NOTE:
You do NOT include the extension of your domain (ie. '.com', '.net', '.org'). 


What is your server path to PERL and Sendmail?

Our server path to PERL is:
!/usr/local/bin/perl

The path to the Sendmail program is:
/usr/lib/sendmail
 


How do I set permissions inside my CGI BIN?

If the browser returns "Internal Server Error" every time you submit your form, you did not have the right permission set for your script. Do the following to set the permission:

SSH into your /cgi-bin directory and issue the following command:
chmod 755 filename.pl
This will give universal execute permissions for that file.

You could also set file permissions through the File Manager located in your Control Panel or your FTP client like WS_FTP. 


 

| netbasiks.com | 1-888-765-5532 | PO Box 18005 Baton Rouge LA-70893 | info@netbasiks.com |


© 2000 netbasiks.com, LLC. All rights reserved.   Terms of Service