{"id":30055,"date":"2017-05-06T03:01:41","date_gmt":"2017-05-05T17:01:41","guid":{"rendered":"http:\/\/www.rjmprogramming.com.au\/ITblog\/?p=30055"},"modified":"2017-05-06T07:58:02","modified_gmt":"2017-05-05T21:58:02","slug":"ssl-certificate-primer-tutorial","status":"publish","type":"post","link":"https:\/\/www.rjmprogramming.com.au\/ITblog\/ssl-certificate-primer-tutorial\/","title":{"rendered":"SSL Certificate Primer Tutorial"},"content":{"rendered":"<div style=\"width: 230px\" class=\"wp-caption alignnone\"><a target=_blank href=\"https:\/\/www.rjmprogramming.com.au\/wordpress\/ssl_certificate.jpg\"><img decoding=\"async\" style=\"float:left;border: 15px solid pink;\" alt=\"SSL Certificate Primer Tutorial\" src=\"http:\/\/www.rjmprogramming.com.au\/wordpress\/ssl_certificate.jpg\" title=\"SSL Certificate Primer Tutorial\"  \/><\/a><p class=\"wp-caption-text\">SSL Certificate Primer Tutorial<\/p><\/div>\n<p>All our recent <a target=_blank title='SSL information from Wikipedia ... thanks' href='https:\/\/en.wikipedia.org\/wiki\/Transport_Layer_Security'>SSL<\/a> blog postings have been assuming something.  That &#8220;something&#8221; is that the web server you are writing web applications for, and are configuring, has had installed a relevant SSL Certificate to &#8220;work&#8221; and undersign the encryption logic software.<\/p>\n<p>In the case of our RJM Programming domain&#8217;s web server&#8217;s SSL Certificate we turned to our web hoster, <a target=_blank title='Crazy Domains' href='https:\/\/crazydomains.com.au'>Crazy Domains<\/a>, to provide an <a target=_blank title='Crazy Domains SSL package' href='https:\/\/www.crazydomains.com.au\/help\/#sHUda02arWIuEJKB.97'>SSL product<\/a> here, that can go into the makeup of your &#8220;web server&#8221; package.  If your web server is a dedicated web server rather than a shared one, you can decide to install this SSL Certificate yourself, perhaps using <a target=_blank title='OpenSSL information from Wikipedia ... thanks' href='https:\/\/en.wikipedia.org\/wiki\/OpenSSL'><i>OpenSSL<\/i><\/a> based techniques &#8230;<\/p>\n<ul>\n<li><a target=_blank title='What is a CSR?' href='https:\/\/www.crazydomains.com.au\/help\/what-is-a-csr\/#F55Ivd8550QxAkQy.97'>What is a CSR?<\/a><\/li>\n<li><a target=_blank title='Create a CSR for OpenSSL' href='https:\/\/www.crazydomains.com.au\/help\/create-a-csr-for-openssl\/#deByYwCaGpATI32j.97'>Create a CSR for OpenSSL<\/a><\/li>\n<\/ul>\n<p>However you do it, these SSL <i>htt<\/i><i>ps:<\/i> based URLs don&#8217;t just happen without the SSL Certificate arrangements in place.<\/p>\n<p>What are the Pros and Cons of SSL (thanks to <a target=_blank title='SSL Pros and Cons 1 of 3' href='https:\/\/www.ssl.com\/article\/pros-and-cons-of-ssl-https-tls\/'>this webpage<\/a> and <a target=_blank title='SSL Pros and Cons 2 of 3' href='https:\/\/blog.nexcess.net\/2014\/09\/03\/the-pros-and-cons-of-implementing-ssl-https\/'>this webpage<\/a> and <a target=_blank title='SSL Pros and Cons 3 of 3' href='http:\/\/it.toolbox.com\/blogs\/understanding-crm\/pros-and-cons-of-ssl-encription-and-protection-71116'>this webpage<\/a>)?<\/p>\n<table>\n<tbody>\n<tr>\n<th>Pros<\/th>\n<th>Cons<\/th>\n<\/tr>\n<tr>\n<td>Trust<\/td>\n<td>Cost of Certificate<\/td>\n<\/tr>\n<tr>\n<td>Verification<\/td>\n<td>Mixed Content issues<\/td>\n<\/tr>\n<tr>\n<td>Integrity of Data<\/td>\n<td>Proxy Caching<\/td>\n<\/tr>\n<tr>\n<td>Google and SEO<\/td>\n<td>Mobile application issues<\/td>\n<\/tr>\n<tr>\n<td>Prevent data breaches<\/td>\n<td>Performance<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>And now we have a general question and answer session, for beginners, regarding SSL &#8230;<\/p>\n<table>\n<tbody>\n<tr>\n<th>Question<\/th>\n<th>Answer<\/th>\n<\/tr>\n<tr>\n<td>What&#8217;s the go with wildcard (multi-subdomain) SSL Certificates?<\/td>\n<td>Have a read of <a target=_blank title='Multi-subdomain SSL' href='https:\/\/security.stackexchange.com\/questions\/10538\/what-certificates-are-needed-for-multi-level-subdomains'>this webpage<\/a><\/td>\n<\/tr>\n<tr>\n<td>What will happen to <i>htt<\/i><i>ps:<\/i> based URLs should the SSL Certificate expire?<\/td>\n<td>Thanks to <a target=_blank href='http:\/\/yourbusiness.azcentral.com\/happens-ssl-certificates-expire-13831.html' title='Expired SSL Certificate information'>this webpage<\/a> for <\/p>\n<blockquote cite='http:\/\/yourbusiness.azcentral.com\/happens-ssl-certificates-expire-13831.html'><p>An expired SSL certificate may deter website users, but it does not prevent data from flowing securely between the site&#8217;s server and a user&#8217;s browser. A website with an expired certificate will still encrypt outgoing data, and the browser will decrypt the data as it is received. Visitors merely need to verify that they are communicating with the website over a secure connection. This can be done by looking for an &#8220;https:\/\/&#8221; prefix at the beginning of the URL in the browser&#8217;s address bar.<\/p><\/blockquote>\n<\/td>\n<\/tr>\n<tr>\n<td>How can you tell whether an SSL Certificate has been installed on a web browser?<\/td>\n<td>When you try a URL with https: protocol at the start you should get an informational icon to the left of the web address that today&#8217;s <a target=_blank href=\"https:\/\/www.rjmprogramming.com.au\/wordpress\/ssl_certificate.jpg\" title='Click picture'>tutorial picture<\/a>  shows and more is explained at <a target=_blank title='SSL Certificate details' href='https:\/\/help.crucial.com.au\/hc\/en-gb\/articles\/202376474-How-do-I-verify-my-SSL-Certificate-details-expiry-date-'>this webpage<\/a><\/td>\n<\/tr>\n<tr>\n<td>Can you have an SSL Certificate installed correctly but not get the web browser padlock happening that shows encryption is happening?<\/td>\n<td>You bet, either if you are accessing a subdomain not covered by the certificate, or if the certificate cover &#8220;breaks&#8221; because of &#8220;Mixed Content&#8221;, like we have been raving about with recent blog postings.<\/td>\n<\/tr>\n<tr>\n<td>What&#8217;s the latest on that SSL &#8220;hack&#8221; problem from recent times?<\/td>\n<td>Have a look through <a target=_blank title='Google search' href='https:\/\/www.google.com.au\/search?q=SSL+hacking+issue&#038;ie=utf-8&#038;oe=utf-8&#038;client=firefox-b-ab&#038;gfe_rd=cr&#038;ei=6TkMWaODDbTr8AfZiZj4Bw'>this Google search<\/a><\/td>\n<\/tr>\n<tr>\n<td>How can I tell if a domain uses a dedicated web server or uses a shared web server?<\/td>\n<td>Report at <a target=_blank title='Web hosting report' href='https:\/\/check-host.net\/ip-info'>this webpage<\/a> could help.<\/td>\n<\/tr>\n<tr>\n<td>How can the search engines get to notice newly encryptable SSL <i>htt<\/i><i>ps:<\/i> based URLs?<\/td>\n<td><a target=_blank title='Google Webmasters' href='https:\/\/www.google.com\/webmasters\/'>Google Webmasters<a> recommends <\/p>\n<blockquote cite='https:\/\/support.google.com\/webmasters\/answer\/93633?hl=en'><p>Redirect your users and search engines to the HTTPS page or resource with server-side 301 HTTP redirects.<\/p><\/blockquote>\n<p> &#8230; but we have more work to do before this.<\/td>\n<\/tr>\n<tr>\n<td>Why is an SSL duck?<\/td>\n<td>Because it flies so high.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>Hope this has some pointers for a web server SSL quest you are thinking of embarking on.<\/p>\n<p>If this was interesting you may be interested in <a title='Click here to see topics in which you might be interested' href='#d30055' onclick='var dv=document.getElementById(\"d30055\"); dv.innerHTML = \"&lt;iframe width=670 height=600 src=\" + \"https:\/\/www.rjmprogramming.com.au\/ITblog\/tag\/ssl\" + \"&gt;&lt;\/iframe&gt;\"; dv.style.display = \"block\";'>this<\/a> too.<\/p>\n<div id='d30055' style='display: none; border-left: 2px solid green; border-top: 2px solid green;'><\/div>\n","protected":false},"excerpt":{"rendered":"<p>All our recent SSL blog postings have been assuming something. That &#8220;something&#8221; is that the web server you are writing web applications for, and are configuring, has had installed a relevant SSL Certificate to &#8220;work&#8221; and undersign the encryption logic &hellip; <a href=\"https:\/\/www.rjmprogramming.com.au\/ITblog\/ssl-certificate-primer-tutorial\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12,37],"tags":[249,2195,2196,2194,355,513,2197,1952,1134,1682,2193,1213,1319,1408,1411],"class_list":["post-30055","post","type-post","status-publish","format-standard","hentry","category-elearning","category-tutorials","tag-configuration","tag-crazy-domains","tag-csr","tag-dedicated","tag-domain","tag-google","tag-google-webmaster","tag-openssl","tag-shared","tag-ssl","tag-ssl-certificate","tag-subdomain","tag-tutorial","tag-web-hosting","tag-web-server"],"_links":{"self":[{"href":"https:\/\/www.rjmprogramming.com.au\/ITblog\/wp-json\/wp\/v2\/posts\/30055"}],"collection":[{"href":"https:\/\/www.rjmprogramming.com.au\/ITblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.rjmprogramming.com.au\/ITblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.rjmprogramming.com.au\/ITblog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.rjmprogramming.com.au\/ITblog\/wp-json\/wp\/v2\/comments?post=30055"}],"version-history":[{"count":4,"href":"https:\/\/www.rjmprogramming.com.au\/ITblog\/wp-json\/wp\/v2\/posts\/30055\/revisions"}],"predecessor-version":[{"id":30067,"href":"https:\/\/www.rjmprogramming.com.au\/ITblog\/wp-json\/wp\/v2\/posts\/30055\/revisions\/30067"}],"wp:attachment":[{"href":"https:\/\/www.rjmprogramming.com.au\/ITblog\/wp-json\/wp\/v2\/media?parent=30055"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.rjmprogramming.com.au\/ITblog\/wp-json\/wp\/v2\/categories?post=30055"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.rjmprogramming.com.au\/ITblog\/wp-json\/wp\/v2\/tags?post=30055"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}