New SSL URLs!

stevel · 9-9-03, 12:39 PM

I was browsing my OPS panel and discovered that I now have new URLs specified for SSL access, in the form: https://server.powweb.com/~username There's also one with just http if you want to get at your site without your domain name. This will help e-commerce users as one no longer needs to use the funny port.

The downside is that this exposes the webuser name, which I am not particularly thrilled about...

Nino · 9-10-03, 01:43 PM

Quote:

Originally posted by stevel
The downside is that this exposes the webuser name, which I am not particularly thrilled about...

I'm not using SSL at the moment, but I wonder: isn't it possible to hide the url by doing a redirect using the .htaccess file and a sub-domain?
For ex.:
have https://secure.yourdomain.com/
and have it point to: https://yourserver.powweb.com/~yourusername/

I don't know if that would work but it's just a thought. (probably not -- maybe I'll try it later)

I do agree that exposing the username name is a downside.
In addition, to the web site visitor, it would look like they're leaving your website.

stevel · 9-10-03, 02:39 PM

No, you can't do the redirect. As soon as someone types https://secure.yourdomain.com/, the user will get an error from the browser saying that the certificates don't match.

tbonekkt · 9-10-03, 05:25 PM

Quote:

Originally posted by stevel
The downside is that this exposes the webuser name, which I am not particularly thrilled about...

How about creating a new webuser just for this purpose? That way, you're not revealing the primary username.

stevel · 9-10-03, 05:58 PM

It's not clear to me what that accomplishes, though it's good to keep in mind if one chose a webuser name that doesn't look good in a public URL.

tbonekkt · 9-10-03, 06:02 PM

Do additional webusers have full control or can access be limited. I haven't created an additional webuser, so I don't know.

**NMS** · 9-10-03, 06:08 PM

what about a cname? Can this hide the long URL and username?

tbonekkt · 9-10-03, 06:10 PM

Quote:

Originally posted by nmsupplies
what about a cname? Can this hide the long URL and username?

How would that differ from a subdomain?

**NMS** · 9-10-03, 06:13 PM

anyway doesn;t let you create a cname

tbonekkt · 9-10-03, 06:14 PM

Quote:

Originally posted by nmsupplies
anyway doesn;t let you create a cname

I wonder why...did you get any error message?

**NMS** · 9-10-03, 06:21 PM

if i am not mistaken... it was invalid host

the problem is the /~username/ part

Song · 9-10-03, 07:31 PM

I tried this idea the moment I learned of this change and it did not work. Powweb made sure that the primary Ftp will be the only one tenable. I think they should explain to us the reason for this change or how we will adapt our e-commerce websites to utilize this change.

I made the changes in my Config.php files (both Catalog and Admin) and when I tried the shopping cart, I noticed that it switched automatically from:

https://www.yourdomain.com/~username

TO

https://www.yourdomain.com/12345

So, If any one clearly understands this change, let them communicate. Thank you.

Song

stevel · 9-11-03, 09:55 AM

I think you still have the old port number in one of your config files. It doesn't do that to me.

A CNAME won't work, as all it does is provide an alternative host name - not a URL substitution.

9-11-03, 10:11 AM

As of right now thats how the SSL link will work; however, PowWeb will soon all clients to start using their own Certs for SSL if they wish to. The full details have not been released since this feature is still in the works of being implymented, but i will keep you posted.

9-11-03, 10:19 AM

Sorry about the typo, what i meant to say was, "PowWeb will soon ALLOW clients to start using their own Certs for SSL if they wish to. " Again, keep in mind that this is still in the works.

Also, for a little explanation as to why the new SSL looks they way it does... Well basically its set this way so that the authentication will run much faster on the server side, so you should notice a difference when using it this way.

**NMS** · 9-11-03, 01:33 PM

I noticed that is indeed faster then it was previously.

I created a cname which points powweb server to my domain and all I managed to achieve was this:

https://anything.mydomain.com/~username

It pops up security screen for the certificate which is issued in the name of powweb.

9-11-03, 05:33 PM

Again, no, this will NOT work because fo the fact that you are using our Shared SLL link which is using our own Cert. There is no way around it. Sorry.

JadedMan · 9-17-03, 01:59 AM

Thank you, thank you, thank you!!! The one MAJOR problem I was having and you guys fixed it! Regular port 443 access is needed to get through most corporate firewalls. Thank you.

9-9-03, 12:39 PM	#1
stevel XPW Join Date: Jun 2002 Location: New Hampshire, USA Posts: 9,464 Reputation: 265	New SSL URLs! I was browsing my OPS panel and discovered that I now have new URLs specified for SSL access, in the form: https://server.powweb.com/~username There's also one with just http if you want to get at your site without your domain name. This will help e-commerce users as one no longer needs to use the funny port. The downside is that this exposes the webuser name, which I am not particularly thrilled about... __________________ Steve

9-10-03, 02:39 PM	#3
stevel XPW Join Date: Jun 2002 Location: New Hampshire, USA Posts: 9,464 Reputation: 265	No, you can't do the redirect. As soon as someone types https://secure.yourdomain.com/, the user will get an error from the browser saying that the certificates don't match. __________________ Steve

9-10-03, 05:58 PM	#5
stevel XPW Join Date: Jun 2002 Location: New Hampshire, USA Posts: 9,464 Reputation: 265	It's not clear to me what that accomplishes, though it's good to keep in mind if one chose a webuser name that doesn't look good in a public URL. __________________ Steve

9-10-03, 06:02 PM	#6
tbonekkt Join Date: Dec 2002 Location: TX Posts: 12,381 Reputation: 248	Do additional webusers have full control or can access be limited. I haven't created an additional webuser, so I don't know. __________________ Thank you to all forum participants.

9-10-03, 06:08 PM	#7
NMS Moderator Join Date: Apr 2002 Location: Malta - Europe Posts: 7,108 Reputation: 125	what about a cname? Can this hide the long URL and username? __________________ Neville NMS Designs - Website Services & Graphic Design. ThesisAbstracts.com - A website for under-graduates and graduates. Ktieb.com - Sell, Buy and Watch New & Second Hand Books online. Website Agent - Online discounts & Resources for web designers. - new promotions just updated Sell and Buy Stuff Classified - Free of Charge You never have a second chance to make a first good impression!

9-10-03, 06:13 PM	#9
NMS Moderator Join Date: Apr 2002 Location: Malta - Europe Posts: 7,108 Reputation: 125	anyway doesn;t let you create a cname __________________ Neville NMS Designs - Website Services & Graphic Design. ThesisAbstracts.com - A website for under-graduates and graduates. Ktieb.com - Sell, Buy and Watch New & Second Hand Books online. Website Agent - Online discounts & Resources for web designers. - new promotions just updated Sell and Buy Stuff Classified - Free of Charge You never have a second chance to make a first good impression!

9-10-03, 06:21 PM	#11
NMS Moderator Join Date: Apr 2002 Location: Malta - Europe Posts: 7,108 Reputation: 125	if i am not mistaken... it was invalid host the problem is the /~username/ part __________________ Neville NMS Designs - Website Services & Graphic Design. ThesisAbstracts.com - A website for under-graduates and graduates. Ktieb.com - Sell, Buy and Watch New & Second Hand Books online. Website Agent - Online discounts & Resources for web designers. - new promotions just updated Sell and Buy Stuff Classified - Free of Charge You never have a second chance to make a first good impression!

9-10-03, 07:31 PM	#12
Song Join Date: Jul 2003 Location: Pittsburgh Posts: 55 Reputation: 5	Creating A New Username I tried this idea the moment I learned of this change and it did not work. Powweb made sure that the primary Ftp will be the only one tenable. I think they should explain to us the reason for this change or how we will adapt our e-commerce websites to utilize this change. I made the changes in my Config.php files (both Catalog and Admin) and when I tried the shopping cart, I noticed that it switched automatically from: https://www.yourdomain.com/~username TO https://www.yourdomain.com/12345 So, If any one clearly understands this change, let them communicate. Thank you. Song Last edited by Song : 9-10-03 at 08:43 PM.

9-11-03, 09:55 AM	#13
stevel XPW Join Date: Jun 2002 Location: New Hampshire, USA Posts: 9,464 Reputation: 265	I think you still have the old port number in one of your config files. It doesn't do that to me. A CNAME won't work, as all it does is provide an alternative host name - not a URL substitution. __________________ Steve

9-11-03, 10:11 AM	#14
Ed-Seigal Posts: n/a	re: new ssl As of right now thats how the SSL link will work; however, PowWeb will soon all clients to start using their own Certs for SSL if they wish to. The full details have not been released since this feature is still in the works of being implymented, but i will keep you posted.

9-11-03, 10:19 AM	#15
Ed-Seigal Posts: n/a	typo.. Sorry about the typo, what i meant to say was, "PowWeb will soon ALLOW clients to start using their own Certs for SSL if they wish to. " Again, keep in mind that this is still in the works. Also, for a little explanation as to why the new SSL looks they way it does... Well basically its set this way so that the authentication will run much faster on the server side, so you should notice a difference when using it this way.

9-11-03, 01:33 PM	#16
NMS Moderator Join Date: Apr 2002 Location: Malta - Europe Posts: 7,108 Reputation: 125	I noticed that is indeed faster then it was previously. I created a cname which points powweb server to my domain and all I managed to achieve was this: https://anything.mydomain.com/~username It pops up security screen for the certificate which is issued in the name of powweb. __________________ Neville NMS Designs - Website Services & Graphic Design. ThesisAbstracts.com - A website for under-graduates and graduates. Ktieb.com - Sell, Buy and Watch New & Second Hand Books online. Website Agent - Online discounts & Resources for web designers. - new promotions just updated Sell and Buy Stuff Classified - Free of Charge You never have a second chance to make a first good impression!

9-11-03, 05:33 PM	#17
Ed-Seigal Posts: n/a	re: CNAME for SSL Again, no, this will NOT work because fo the fact that you are using our Shared SLL link which is using our own Cert. There is no way around it. Sorry.

9-17-03, 01:59 AM	#18
JadedMan Registered Join Date: Sep 2003 Location: Canada Posts: 15 Reputation: 5	SSL URLs Thank you, thank you, thank you!!! The one MAJOR problem I was having and you guys fixed it! Regular port 443 access is needed to get through most corporate firewalls. Thank you.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search