SSL

Dobry den.Chtel bych zabezpecit svou stranku pomoci SSL na ktere se zadava pristup a nevim presne jak to udelat aby to fungovalo.Ta stranka se jmenuje sekce_kantoru.php3 a dostanu se na z index.php3.ekuju moc za pomoc.Petr
jestli ji máž na wz tak máš smůlu
Ne ne je to na placenym servru ale nevim jak to mam udelat.
SSLEngine on
v .htaccess
nevím, jak to tam maj zařízený,protože nevím, o kterej hosting jde. Zkoušel si https:// ?
Jestli chceš, můžu sem hodit konfigurák, co mám na SSL doma :))
Tak to by bylo super.
<?PHP
$SSL_Port=443;
if ($SERVER_PORT!=$SSL_Port) {
if (empty($mustbesecure))
header("Location: https://$HTTP_HOST$SCRIPT_NAME?$QUERY_STRING&mustbesecure=1");
else
echo "Zabezpečené spojení nelze navázat";
exit;
}
?>
Zabezpečeno
<IfDefine SSL>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
# Pseudo Random Number Generator (PRNG):
# Configure one or more sources to seed the PRNG of the
# SSL library. The seed data should be of good random quality.
# WARNING! On some platforms /dev/random blocks if not enough entropy
# is available. This means you then cannot use the /dev/random device
# because it would lead to very long connection times (as long as
# it requires to make more entropy available). But usually those
# platforms additionally provide a /dev/urandom device which doesn't
# block. So, if available, use this one instead. Read the mod_ssl User
# Manual for more details.
SSLEngine on

# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. Keep
# in mind that if you have both an RSA and a DSA certificate you
# can configure both in parallel (to also allow the use of DSA
# ciphers, etc.)
SSLCertificateFile /etc/apache/cert/server.crt

# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /etc/apache/cert/server.key

<Files ~ "\.(cgi|shtml|phtml|php|php4|php3?)$">
SSLOptions +StdEnvVars
</Files>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</IfDefine>
Nejsem si zcela jist, zda ti to bude makat, protože já to mám přímo v httpd.conf
Jinak pak musíš zaměnit cestu k certifikátům. Certifikát můžeš vygenerovat pomocí ssl-ca .