Changes between Version 19 and Version 20 of faq/security/setup-certificate


Ignore:
Timestamp:
Sep 29, 2016, 7:52:59 AM (5 years ago)
Author:
Mallory Knodel
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • faq/security/setup-certificate

    v19 v20  
    88We strongly encourage all members to change this setting so all communications is encrypted. Even if you don't think it is necessary, consider that all information you send to the site, which may include usernames and passwords, are sent in the clear unless you are using https.
    99
    10 Fortunately, the process of using an https enabled web site is fully handled in the members control panel:
     10Fortunately, the process of choosing to run an https enabled web site is fully handled in the members control panel:
    1111
    12  * Log in via: https://members.mayfirst.org/cp
    13  * Choose the "Web Configuration" section
     12 * Log in via https://members.mayfirst.org/cp.
     13 * Choose the "Web Configuration" section.
    1414 * Remove any domains from ServerAlias or ServerName that are a sub-domain of mayfirst.org (e.g. yourorg.mayfirst.org). You should only have your own personal domains listed (this is temporary until #12045 is resolved).
    15  * Edit your web configuration and change the "Port" field to "auto"
     15 * Edit your web configuration and change the "Port" field to "auto".
     16 * Click "Submit".
    1617
    1718== How does it work? ==
    1819
    19 You have several options when choosing to configure your web sites.
     20You have several options when choosing to configure your web sites. Each site will have and does need at least one web configuration item.
    2021
    2122=== auto ===
     
    3334=== https ===
    3435
    35 You may also wish to use your own certificates, in which case select "https" and specify the `SSLEngine On`, `SSLCertificateKeyFile`, and `SSLCertificateFile` parameters in your configuration that point to the appropriate files. Use this option if you don't want an http site at all.
     36You may also wish to use your own certificates, in which case select "https" and specify the `SSLEngine On`, `SSLCertificateKeyFile`, and `SSLCertificateFile` parameters in your configuration that point to the appropriate files. If your web configuration has only an https item, you won't have an http site at all. Note that this means anyone trying to reach your site with http:// will get an "Error 404 Server not found" message.
    3637
    3738=== Both http and https ===
    3839
    39 You can also choose to have a different web configuration for http and https or control the redirecting in a more fine-tuned way.
     40You can also choose to have a different web configuration for http and https or control the redirecting in a more fine-tuned way. For sites that have https enabled with a certificate that they purchased or obtained themselves, their web configuration will have two items: one for each http and https.
    4041
    4142== What if I already have an https web site? ==