 SSL
All Xenoplanet domain accounts
support Xenoplanet Secure Server connections with 128-bit SSL (Secure
Socket Layer). Documents found on your main website also appear securely
at https://www.keysecure.com/yourdomain.com/.
File Locations
All documents on your site can be accessed both normally, and through
the secure server. The following URLs display identical content:
http://www.yourdomain.com/
https://www.keysecure.com/yourdomain.com/
Similarly, the /cgi-bin directory is
mirrored:
http://www.yourdomain.com/cgi-bin/
https://www.keysecure.com/yourdomain.com/cgi-bin/
Many FreeCGI bundled scripts are also mirrored:
http://www.yourdomain.com/cgi-t/
https://www.keysecure.com/yourdomain.com/cgi-t/
HTML Issues
Because your site can be accessed via two separate URLs, it is important
to avoid absolute paths when coding HTML (if you intend to code HTML
for use by both servers). For example, placing the following code in
your index.html file:
<IMG SRC="/images/myimage.gif">
will work with the normal webserver. However, it will not work with
the secure server. The proper code would be:
<IMG SRC="images/myimage.gif">
Microsoft FrontPage Issues
When managing or publishing webs, Microsoft FrontPage users should not
click the "Secure connection required" box, and should not attempt to
connect to the secure URL. Because the secure and normal websites are
mirrors of each other, FrontPage users should follow the normal FrontPage instructions when managing
their site.
CGI Issues
CGI is executed identically by both the normal webserver and the secure
server. To determine the server type (secure vs. normal) within your
CGI script, simply examine the HTTPS
environment variable. If HTTPS=ON, the
script is being accessed through the secure server; otherwise it is
being accessed through the normal webserver.
Please see our tips for writing portable
CGI scripts for pointers on writing CGI scripts which work correctly
through both secure and normal webservers.
https://www.yourdomain.com/
After establishing your secure presence, you
may be interested in "upgrading" the secure URL to one of the form "https://www.yourdomain.com/".
In this case, rather than sharing the Keysecure key, the account will
have its own key, and its own secure URL.
In order to maintain your own key, Xenoplanet must generate the key,
and you must have the key signed by a certification authority. You may
wish to familiarize yourself with this
process.
Xenoplanet does not charge an additional monthly fee for https://www.yourdomain.com/
hosting. However, there are two fees involved:
- A yearly certification fee, payable to
a certification authority. We recommend Verisign.
Verisign, the acknowledged leader in secure certificates, charges
$349/year, which covers the maintenance of the key and signature
for one year.
- A one-time key generation fee, payable
to Xenoplanet. This $25 fee covers the administrative costs associated
with the generation of a secure key.
To upgrade to a https://www.yourdomain.com/
secure URL, follow these steps:
- Email the following key generation request
form to support@xenoplanet.com:
Key generation request form
- Account name (domain name)
- Legal name of your organization
- Department (optional)
- Requested secure URL (https://www.yourdomain.com)
- City
- State
- Zip
- Country
- Certification entity (Verisign or
Thawte)
- Administrative contact email address
- Xenoplanet will process your request
(please allow at least 24 hours). Once your request has been processed,
Xenoplanet will email you a completed CSR (certificate signing request)
and application URL for your certification authority (typically
Verisign). Paste
the CSR into the designated form; then follow the step-by-step application
process.
During this process, you will be prompted to verify that the information
provided in step 1 is correct. Please double-check this information,
as it can not be modified once you complete the application process.
You will be prompted for organizational information about your company,
as well as payment information.
- After completing the CSR form, you will
receive your signed certificate from Verisign
by email, usually within 3-5 business days, depending on the specific
verification process, and depending on the accuracy of the information
you provided during the application process.
- Simply email the signed certificate to
support@xenoplanet.com. Please
include your account name in the email. Allow 48 hours for the installation
of your signed certificate. At that time, you will have a secure
URL of https://www.yourdomain.com/.
Note:
your https://www.keysecure.com/yourdomain.com/
secure URL will continue to function normally.
Choosing Verisign
or Thawte as your certification
authority
Although Verisign is the acknowledged leader as a certification authority,
many users choose Thawte because of its price -- $125/year instead of
Verisign's $349/year.
Xenoplanet supports both certificate types. Please note that Thawte
certificates do not function properly on certain browsers: Internet
Explorer 3.02 or lower; Netscape 2 or lower.
Xenoplanet's shared keys and internal-use keys are furnished by Verisign.
Transferring your secure key from another provider
If you have previously setup a secure key with another provider, and
wish to move your certificate to Xenoplanet, you must send both the
key and the certificate to Xenoplanet. Without both key and certificate,
you will need to obtain a new key from Verisign.
Secure server specs
Xenoplanet uses Stronghold
secure server, which is a derivative of Apache (our normal webserver).
Every effort has been made to insure that the secure server behaves
identically to the normal webserver.
read also the E-Commerce - SSL FAQ
|
Miscellaneous
