We’ve all logged onto websites with an https://… url. That little “s” in https designates that the connection is using TLS / SSL encryption, an added level of security when interacting with a website. The most common places to see this are on sites that collect personal information or payments, basically anything private that users wouldn’t want to escape into the world.
Secure Sockets Layer (SSL) and its cousin, Transport Layer Security (TLS), are open standards for providing secure www service (plus mail, FTP and telnet). Originally proposed by Netscape, SSL uses RSA public-key encryption for specific TCP/IP ports. SSL competes with Secure-HTTP (S-HTTP).
If you really want to get into the weeds and learn the ins and outs of TLS and SSL encryption, Wikipedia has a great article here.
If you need to transmit encrypted data between your site and your users and you do not already, consider using SSL encryption. Enabling SSL on your server is not as complex as it might seem. The first thing you need is an SSL certificate for your server. These certificates can be self-assigned, but your users’ browsers will not recognize them as secure and will warn the users when they navigate to your site.
Note: A good example of this is the warning you may have seen if you use the cPanel control panel to access your server. All cPanel servers come pre-configured with self-signed certificates. Self-signed SSL certificates are the cause of this warning.
To procure a signed (trusted) certificate, one must be purchased from a major authority (GeoTrust, Comodo, etc.) for the hostname of your server.
As an added benefit for ServInt customers, we offer both quick verification and full verification SSL certificates. We will assist you in installing any SSL certificate purchased through ServInt.
- Log into the customer portal.
- Under Products, click Manage [server name]
- Click on Order Addons and select + SSL Certificate.
Note: For those running multiple websites on one server, remember that you no longer unique IP addresses to install more than one SSL certificate. Servers running CentOS 6 with versions of cPanel 11.38 and higher support SNI (Server Name Indication). SNI indicates the hostname of the server the client is connecting to during the initial handshake process, which allows for users on shared servers to install SSL certificates without need of dedicated IP addresses.
Once the SSL certificate is installed in Apache, it is then simply a matter of coding your site’s links to load the appropriate pages using HTTPS. For example, if you are building a custom ecommerce solution, the link to “checkout” might be set to load the checkout page (requesting credit card info) as HTTPS.
Note: If you are using out-of-the-box ecommerce solutions such as Magento, they come preconfigured to use HTTPS assuming you have a certificate installed.
When SSL is installed on your server, users typing in your url manually can pull up any page of your server using SSL. But through your website design you can choose which pages must be loaded using SSL.
Photo by Yuri Samoilov