On Mon, Jun 8, 2009 at 1:34 PM, David Mintz<da...@davidmintz.org> wrote: > Ladies and gents, > > What's the latest greatest best practice for setting up an SSL-encrypted > area of a site? Do we recommend creating a subdomain like ssl.example.org or > secure.example.org, to emphasize to the users that they're accessing an > SSL-secured site? Or is it not really necessary? Pros and cons? >
That approach can minimize long-term costs -- funneling all secure traffic through one subdomain means that you only need a single commercially-signed certificate. That server can act as a reverse proxy for other internal servers with self-signed certificates if necessary. _______________________________________________ New York PHP User Group Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk http://www.nyphp.org/show_participation.php
