Secure Socket Layer

Secure Socket Layer

Our web server is SSL enabled and all web pages under the “eskimo.com” domain are sent encrypted, preventing third parties from intercepting data. Your own content, hosted under our domain at “http://www.eskimo.com/~user”, is also sent encrypted.

Some pages won’t show the lock symbol, except with Internet Explorer, even though they are accessed using https, because they contain third party content that is not secured.

SSL for Virtual Domains, Business & Personal Hosting Plans

You can also have content under your domain encrypted. In order to do this it is necessary to obtain an SSL certificate. The certificate must be in PEM format. We obtained ours from Comodo.

To obtain an SSL certificate you will first need to generate a CSR which is a certificate request. Login to shellx.eskimo.com, centos7.eskimo.com, scientific.eskimo.com, scientific7.eskimo.com, or fedora.eskimo.com. We recommend that you do not use any of the Debian derived servers for this step because there are issues with insufficient randomness on debian servers that will result in weaker encryption.

Create a directory. make it accessible only by yourself, and change to that directory:

   mkdir csr
chmod 700 csr
cd csr

Then type the following to generate the CSR and key file. The key file should be kept secure.

   openssl req -nodes -newkey rsa:2048 -keyout myserver.key -out server.csr

Once you have these files, save the “myserver.key” file securely. We will need this when we setup the SSL portion of your virtual domain or web hosting package. It is important that you keep it secure as anyone obtaining this file could spoof your identity and potentially decrypt all of your traffic.

Submit the “server.csr” file to the certificate signing authority of your choosing. It is important that you choose a signing authority that can provide certificates in PEM format compatible with Apache 2.4.x

Upon receiving your certificates supply them to us along with your “myserver.key” file generated along with the CSR and we will install them in our web server configuration so that your site will then have SSL (https) capability.

Recent Posts