I don't want to disturb my support hotline too much.
First they said shared ssl is activated buthttps://
www.mypage.tlddid
not work.
I found out that you should provide a certain directory where shared
ssl is working on your webspace.
Now my provider accepted to activate shared ssl for a certain
directory e.g. /dontfear
under my /doc_root
So which possibilities do I have now to put I https link to that
directory?
I posted a day ago, but the post has not yet appeared using my reader.
Thus I will try again.
There are many ways hosts can set up for ssl. One could use a
dedicated directory for ssl files only, but there also are ways to
just use any of your existing files on the server and just have to
change the url in the case of using shared ssl. Perhaps your provider
provides a manual for the details of setting up shared ssl.. Anyway
you likely will have to get information in some way from the provider
of the service unless you name the service, if commercial, and
someone here has used their service as well as shared ssl on it.
Although it sounds as if your host does things in a different manner
from mine, I will illustrate what I have to do for shared ssl pages.
The host has an online manual in which ssl is described at
http://www.hostexcellence.com/index.php/v2/pages.manual11 . Turning on
shared ssl is very easy at the control panel.
The url of a simple gif is
http://www.cwdjr.net/pic/frog_eats_fly.gif
.. With ssl turned on at the control panel, the url for the secure page
becomes
https://cwdjr.c6.hostexcellence.com/pic/frog_eats_fly.gif .
Another page is at
http://www.cwdjr.net/boan/HappyNewYear1.php . There
is a complication, because this page has a link to a large external JS
in another file. The secure page is
https://cwdjr.c6.hostexcellence.com/boan/HappyNewYear1.php
.. Thus this page is part secure and part non-secure because of the
link to the external script. Browsers handle this in different ways.
Most of the browsers will inform you that the page contains some non-
secure material. Many browsers will ask before displaying the page.
View on Firefox, IE7, Opera, and Safari to see how different browsers
respond. A simple way to overcome this problem is by moving all
external scripts, css files, etc to the main page. I would never give
personal information, such as credit card numbers, over a page that
has partial non-secure content. I do not know much about hacking, but
I would guess a good hacker might be able to use an external non-
secure script to do very naughty things.
Since New Year Eve will be here soon, I will mention that there is
another version of the New Year Page at
http://www.cwdjr.net/boan/HappyNewYear2.php
.. One may need a few absinthe drips before viewing this page. It
includes swf/flv video, dhtml effects, and even Java! Yes you can
still use an applet and have the page validate at W3C, but you are
limited to only transitional and frame set versions of html 4.01 and
xhtml1.0.
