Ontario Web System Administrator wrote: > How dose some other servers I see run ssl under there servers for there > clients with the certificate from root ???
I'm not sure what you mean. Do you mean a secure cert to administer the server? Or do you mean a secure cert for your clients to be able to have secure pages for their customers to pay them? If the former, you just either buy or self-issue a cert for your main site, and then whenever any of your clients try to administer their site through the gui interface they'll use your site cert. But they WILL get an error message from their browser telling them it's a cert for your domain; not theirs. And if it's a self-issued cert, they'll get a warning for that as well. If the latter, then the best thing to do, and what many other hosting companies do, is to buy a cert for a "secure site" you set up on your server, for example you could create a site on your server called "secure.ontarioweb.ca". Then each of your clients would have a secure site at, for example "https://secure.ontarioweb.ca/nobaloney.net/";; you'd simply create a folder under the /home/sites/secure.ontarioweb.ca/web/ for "nobaloney.net" and a user named, for example, nobaloney. Then in the /etc/passwd file (as root) you'd change the user's homepage to /home/sites/secure.ontarioweb.ca/web/nobaloney.net?. Then your client could ftp his secure site using his new username you just gave him specifically for the secure site, and link to his secure site. What you CANNOT do is buy a cert that would work for any domain on your Raq. While most of us think of secure sites as encrypting data, they have another function as well; they assure you that you've reached the site you wanted to reach. Cert issuers (we issue certs <smile>) verify your identity and your right to use the domain name before they issue the site. If they didn't, you could (for example), buy the domain "micorsoft.com", get a secure site for "secure.micorsoft.com", and steal business and money from everyone who mistypes the name "microsoft". It's called due diligence <smile>. Jeff -- Jeff Lasman <[EMAIL PROTECTED]> Linux and Cobalt/Sun/RaQ Consulting nobaloney.net, P. O. Box 52672, Riverside, CA 92517 voice: +1 909 778-9980 * fax: +1 909 548-9484 _______________________________________________ cobalt-developers mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-developers
