SSL on Production

I was able to install the SSL cert on prod in less than 5 minutes. that is the advantage of setting up a quality environment that truly matches prod; you can make the prod changes so easily and help keep your prod environment pristine.

now back to the multilingual stuff. i hate to get distracted but i really hate creds in clear text. ssl had to be done.

Advertisements

SSL installed on Quality

this link was fantastic and worked perfectly. I now have ssl running on my quality site.

http://wiki.centos.org/HowTos/Https – this is applicable to centos, which is what i am using in qual/prod

this is why centos is such a great choice for linux. great support!

SSL, Linux and you

Today I am going to place an SSL cert on my quality site and then, following change management BPs, my prod site.

i’ve worked with ssl for years in the corporate environment and relatively easy to do. and simpler than a lot of people realize. you don’t need to spend four figures with verisign to leverage ssl. ssl can be free and the only trade off is that you’ll need to install the cert in your local store (not hard to do at all) so that your browser will recognize and trust it, or just deal with a message that the cert may not be valid because it doesn’t “chain” in the local store.

Here’s one good link:

http://slacksite.com/apache/webserver.php

http://wiki.centos.org/HowTos/Https – this is applicable to centos, which is what i am using in qual/prod

if you want to see all the certs in your local store you can do it with the certificates snap in for the mmc on your windows box. i won’t go into all the steps but if someone has questions, post and i’ll help.

the bottom line is, use ssl. you don’t want to use a user name and password field over port 80. that is just inviting trouble. and even the cheap certs like digicert are fine. with verisign, you’re paying for a cert that will be recognized by as many browsers worldwide as possible. and you’re paying for their cust service. which is really good. if your site will be local to the us, buy a cheap cert and use it.