Socket Layers (SSL)
is Secure Sockets Layer (SSL)?
Sockets Layer (SSL) is a system that allows for a private
connection when communicating with other SSL-enabled
products. It is symmetric encryption nested within
public-key encryption and authenticated through the use of
certificates. A SSL
connection can only occur between an SSL-enabled client
and an SSL-enabled server. In fact, when a server is
running in SSL mode, it can only communicate through SSL.
certificate is a statement signed by an independent and
trusted third party. The statement usually follows very a
specific format, laid down in a standard called X509, but
it doesn't have to.
certificate contains three elements:
Subject Name and Other Certificate
information about the object being certified. In the case
of a person this might include your name, nationality and
email address, your organization, and the department
within that organization where you work. It could also
include a picture of you, a codification of your
fingerprints, your passport number, and so on.
Public Key Information
is the public key of the entity being certified. The
to bind the public key to the attributes information
described above. The
public key can be any asymmetric key, but is usually an
Certifying Authority Signature
CA signs the first two elements and thereby adds
credibility to the certificate. People who receive the
certificate check the signature and will believe the
attribute information / public key binding if they trust
that certifying authority.
or Obtaining a SSL Certificate
share one of netbasiks.com's
certificates if you are just getting started and don't
want to purchase your own. If you are serious about
security and run an e-commerce web site, netbasiks.com
recommends getting your own certificate. Besides the
security and stability advantages, now visitors can access
your secure site with your domain name and not as a
directory of the server you are on. (https://www.yourdomain.com
as opposed to https://ssl.server.com/yourdomain/).
When you get your own certificate, your customers see your
name on the certificate and not ours.
decide to share our certificate, your site is
automatically set up with it at https://ssl.securenameservers.com/yourdomain/.
For example, if your domain name is is justkidding.com
your secure url will be (note https, not http): https://ssl.securenameservers.com/justkidding/
find the server you are on from the welcome letter netbasiks.com
your own Certificate.
that you purchase your own certificate. Although the
certificate we provide is 128bit encrypted, and conducting
transactions through it is very safe and secure, many of
our clients prefer to buy their own certificate. You can
get your own certificate from a variety or sources. You
can get a certificate from:
to obtaining your own Certificate
obtain your own certificate, companies like Thawte need
proof of identity. A proof of organizational name and
proof of the right to a domain name are required. For
specific details, look here:
your control panel. Here you can generate a Certificate
Signing Request (CSR) and RSA private key that needs to be
sent to the certificate issuing company. Contact a
certificate issuing company with the private RSA key and
your necessary identification information or use the
control panel submission feature.
process for installing a certificate is fairly automated
from here. You still need the information obtained in step
one. Follow the instructions for placing the necessary
information in the text fields. You place the RSA private
key in the text area first, then the certificate key that
was sent to you by whomever you purchased it from.
Front Page with SSL
secure forms with front page and a shared certificate can
cause problems. While we've found this to work
sporadically it most often doesn't. If you want to use
secure forms with front page you will have to purchase
your own certificate.
CGI Scripts Using SSL
do I call a CGI script securely?
scripts under a secure connection, you must
submit a support request to activate SSL for your account.
local CGI BIN, your path would look like this:
would like to use formmail.pl
securely you first need to:
Save a copy of this script on your local hard
into your local
Then, instead of calling the universal /cgi-sys
you would call your own
It would look something like this:
do NOT include the extension of your domain (ie. '.com',
is your server path to PERL and Sendmail?
path to PERL is:
The path to
the Sendmail program is:
do I set permissions inside my CGI BIN?
browser returns "Internal Server Error"
every time you submit your form, you did not have the
right permission set for your script. Do the following to
set the permission:
and issue the following command:
will give universal execute permissions for that file.
also set file permissions through the File Manager located
in your Control Panel or your FTP client like