Heal Your Church WebSite


Teaching, rebuking, correcting & training in righteous web design.

Secure Socket Layer Exploratory – Intro

I’m in a situation where I might have to provide some secure communications. No, no online store with lots of HealYourChurchWebSite swag, but I do know some church websites sell things like cookbooks and Christmas goodies, as well as take donations online. There are also situations where missionaries are in Christian-hostile countries, and need a secure means of surfing and posting their information outside of encrypted email. So over the next weeks, I’m hoping some of you will pipe up with suggestions and how-to’s as I also experiment with this and that.

One of the reasons I’m asking for your help is because it is has been 3 years since I’ve done anything with an e-commerce site – and that’s essentially what we’re talking about here – at least mechanically. So if we measure time the computer in dog years, it is a good bet that things have probably changed radically. One thing tha that hasn’t changed is the Internet’s use of Secure Socket Layer (SSL) to provide encrypted information to and from a client browser application and a web server. One of the things that has changed is that there are now SSL resources that can be implemented for budget-minded organizations.

Which is why the first item on my reading list is mod_ssl: The Apache Interface to OpenSSL – “This module provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols by the help of the Open Source SSL/TLS toolkit OpenSSL, which is based on SSLeay from Eric A. Young and Tim J. Hudson.

Second on my reading list is OpenSSL: The Open Source toolkit for SSL/TLS – “The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation.

Third, a refresher on Digital Certificates. – “Encryption is the process of using a mathematical algorithm to transform information into a format that can’t be read (this format is called cipher text). Decryption is the process of using another algorithm to transform encrypted information back into a readable format (this format is called plain text). Digital Certificates are your digital passport, an Internet ID. They are verification of you who you are and the integrity of your data.

Of course the other trick will be getting my web host to play along. Meanwhile, I’ve got some reading to do. Meanwhile, if you have any experiences or suggestions, don’t be show, throw down a comment.

2 Comments

  1. Many (not all, mind you) webhosts will make a shared SSL certificate available for use at no charge. It often means using a URL off their domain instead of your own. But, for the budget conscious, this is a small price to pay.

  2. Please u send more about openSSL.