Jump to content

The question about SSL


Alex108
 Share

Recommended Posts

I have never worked with SSL certificates before, so i wanted to ask some questions about SSL.There is a website, let's call it A that gives a particular paid service to a group of websites (group :). When a registered user from any of websites B wants to use A he have to send to A some information includes user name and password. To owner of a B group convenient to use the same usernames and passwords for all these services. The one who can take possession of these data will be able to use sites A and B as well which is unacceptable. The question is: is the SSL could be a good solution for this situation? And do we can use the same usernames and passwords for A and B or it is better to use different usernames and passwords anyway? And is it correct that the owner of these websites needs to buy a SSL certificate for website A only.

Link to comment
Share on other sites

Those are two different issues. SSL encrypts traffic, it doesn't deal with usernames or passwords in any way. A site served over SSL has its traffic encrypted so that other people trying to spy on the traffic can't read the data. A normal SSL certificate will only secure a single domain, such as www.google.com but not google.com. A wildcard certificate can secure any subdomain, like *.google.com. I'm not aware of certificates which let you secure multiple domains, usually individual certificates are required.

Link to comment
Share on other sites

Those are two different issues. SSL encrypts traffic, it doesn't deal with usernames or passwords in any way. A site served over SSL has its traffic encrypted so that other people trying to spy on the traffic can't read the data. A normal SSL certificate will only secure a single domain, such as www.google.com but not google.com. A wildcard certificate can secure any subdomain, like *.google.com. I'm not aware of certificates which let you secure multiple domains, usually individual certificates are required.
All these websites have different domain names. Does it mean that SSL encrypts data which is coming from A to sites B only or it is also encrypts data that is coming from group B to A?
Link to comment
Share on other sites

It only encrypts traffic between the user's browser and whatever site they are viewing, as long as that site has a certificate installed and they access it over HTTPS.
But if i understand you correctly it is a positive answer. Different users can have encrypted traffic with one site using HTTPS. I mentioned passwords only to show why encryption is important.
Link to comment
Share on other sites

Thank you!Now, for example i have a website http://www.IhaveSSL.com with SSL certificate and i want to sent data to this site. Without SSL i can just create a form <form action="http://www.IhaveSSL.com/read_message.php" method="post"> etc.But if now it works with SSL how it affects a code? There must first be a secure connection established.

Edited by Alex108
Link to comment
Share on other sites

as far as i am aware, what you need to do is emulate a client form submittal to the domain - then send it via ssl to the domain you mentioned. that would mean that domain would have to have the ssl certificate installed correctly.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...