Stories
Slash Boxes
Comments

SoylentNews is people

SSL Redux

Journal by mcgrew

Back in March I asked you guys if I should put SSL on my mcgrewbooks.com site, since it appeared that it would raise my hosting cost by $25 a year, and there was no technical reason to have it; there is no personal information collected whatever.
        I gave a lot of thought to the comments for months, and yesterday decided to go ahead and spend the money; I just put three grand on my mortgage principal. So I went to R4L’s web site to find where I could add SSL. I couldn’t find it.
        However, their help is actually a Canadian who helps through text chat, who informed me that paid hosting came with SSL, I simply had to turn it on.
        Well, it wasn’t that simple, as they’re upgrading their tools and I ran across a couple of 404s. But I finally found the correct widget to click, so the unnecessary lock is no longer broken.
        My other site still has a broken lock, but it’s a “free” site. Registration there is $15, but you get ten megabytes of hosting. Those are the kind of site that an extra $25 buys SSL, and you might as well pay for hosting. It isn’t much more, and it isn’t hard to fill ten megs. Almost all of the images at mcgrew.info are either on Wikipedia (which reminds me, I should donate again) or mcgrewbooks.
        I wish I would have known that five years ago! But I’m still more than happy with R4L.
        Since R4L is Canadian, whose internet laws apply? America’s? Canada’s? Both? Neither?

 

Reply to: Re:It is worth learning how to set up SSL/TLS

    (Score: 2) by RS3 on Saturday October 16 2021, @06:52PM

    by RS3 (6367) on Saturday October 16 2021, @06:52PM (#1187542)

    Thank you so much DannyB. Some years ago I inherited a Tomcat server, but those websites were being shut down, so I did very little with it. I know much of what you wrote, and thank you so much for the confirmation.

    Re. cert: for testing I generated a self-signed one. It's easy. I won't use it (them?) in production because they cause a browser to prompt the user to accept the cert, and that's not a good thing. When I get the mechanism working we'll buy a cert, or get a free one if it's available for this situation.

    Yes, I've run through the many tutorials, each of which has some differing approaches. Apache has some "interesting" ways of setting up .conf files and their directory tree, including .htaccess files and their parameters, and I'm just never sure it sees everything. 'apachectl configtest' just gives an okay or not okay, AFAIK.

    As I mentioned below, it's mostly that I need a block of time to focus on it and I'll get it. And as AC below said, getting better mod_ssl logging will help. But I don't think mod_ssl is even getting called...

Post Comment

Edit Comment You are not logged in. You can log in now using the convenient form below, or Create an Account, or post as Anonymous Coward.

Public Terminal

Anonymous Coward [ Create an Account ]

Use the Preview Button! Check those URLs!


Logged-in users aren't forced to preview their comments. Create an Account!

Allowed HTML
<b|i|p|br|a|ol|ul|li|dl|dt|dd|em|strong|tt|blockquote|div|ecode|quote|sup|sub|abbr|sarc|sarcasm|user|spoiler|del>

URLs
<URL:http://example.com/> will auto-link a URL

Important Stuff

  • Please try to keep posts on topic.
  • Try to reply to other people's comments instead of starting new threads.
  • Read other people's messages before posting your own to avoid simply duplicating what has already been said.
  • Use a clear subject that describes what your message is about.
  • Offtopic, Inflammatory, Inappropriate, Illegal, or Offensive comments might be moderated. (You can read everything, even moderated posts, by adjusting your threshold on the User Preferences Page)
  • If you want replies to your comments sent to you, consider logging in or creating an account.

If you are having a problem with accounts or comment posting, please yell for help.