Gary,
Do you recommend an SSL be purchased for every site? Or would
self-signed certificates be acceptable?
If there is an SSL covering the entire server, accessing the Joomla
login page via the virtual directory can be done securely. That is, if
you have not canonicalized the site's default URL using .htaccess.
Mark
On 11/25/2013 8:39 AM, Gary A. Mort wrote:
I hadn't looked at how SSL works on web servers for a number of
years. The last time I worked with SSL the common rule was that you
had to have a distinct IP address for every domain name that you
wanted to use SSL for [so you could have an SSL certificate for each
different domain].
Heck, even the Apache Wiki still states it in some places:
http://wiki.apache.org/httpd/NameBasedSSLVHosts
However, when poking around I ran across references to SNI and using
multiple certificates for the same IP Address.
http://www.ietf.org/rfc/rfc4366.txt This dates all the way back to
2006, so it has been around for quite a while!
Browser support for it goes back a good way as well:
http://en.wikipedia.org/wiki/Server_Name_Indication#Browsers_with_support_for_TLS_server_name_indication.5B6.5D
Interestingly, for Internet Explorer it isn't the browser version
which matters, but the operating system; IE uses the operating system
to perform SSL encryption. This means that it won't work in IE on
Windows XP or any earlier Windows operating system. It will work for
Internet Explorer on Windows Vista [released in 2007] and any later
Windows operating system.
As such, it's fair to say that SSL for virtual hosts will work for
almost all users these days - and there is no reason not to enforce
the use of SSL for the Joomla Admin section as well as make sure that
all your admin users, at the very least, use SSL when they log on to
your websites.
This may be old news to everyone here, but since it was new to me I
figured I'd pass it on.
_______________________________________________
New York PHP SIG: Joomla! Mailing List
http://lists.nyphp.org/mailman/listinfo/joomla
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php