These instructions explain how you can have CodeIgniter (or any other PHP framework) load certain pages using SSL.
Using this setup, you can allow visitors to visit a site at http://www.yoursite.com/ using standard non-SSL pages, and automatically force SSL when a visitor loads a controller such as http://www.yoursite.com/SSLFOLDER.
SSLFOLDER will always load using SSL, regardless of whether https:// was used or not when calling the controller.
Here are the instructions I used under Ubuntu 10.04.
Step 1: Create Self-Signed SSL Certificate
I used the steps outlined here: https://help.ubuntu.com/8.04/serverguide/C/certificates-and-security.html

Summary

Go to the home directory by executing the following command:

    cd ~

Generate the keys for the Certificate Signing Request (CSR) by running the following command:

    openssl genrsa -des3 -out server.key 2048

Enter an 8+ character passphrase when prompted.

Create the Certificate Signing Request (CSR) using the following command:

    openssl req -new -key server.key -out server.csr

OPTION 1: If you are actually going to be in production, then at this point you would submit the CSR to an online certificate authority (CA) for processing. Then you would continue using the CRT file received from the CA.

OPTION 2: For non-production environments, you can create the self-signed certificate using the following command:

    openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Then copy the certificate and key to their corresponding folders:

    sudo cp server.crt /etc/ssl/certs
    sudo cp server.key /etc/ssl/private

Step 2: Edit Apache 2 configuration files (Ubuntu)
Edit /etc/apache2/sites-enabled/000-default

Insert the following outside of the <VirtualHost *:80></VirtualHost> tags. The top of the file works.

    <VirtualHost *:443>
        SSLEngine on
        SSLCertificateFile /etc/ssl/certs/server.crt
        SSLCertificateKeyFile /etc/ssl/private/server.key
        DocumentRoot /var/www
    </VirtualHost>

Enable the SSL module in Apache 2 by running the following command:

    sudo a2enmod ssl

Step 4: Restart Apache 2 Web Server
Run this command from the command line:

    sudo /etc/init.d/apache2 restart

Enter the passphrase you previously chose when generating the key for the CSR.

CodeIgniter Related Steps
I found a useful post on configuring CodeIgniter to always redirect protected pages to the SSL site.
The post is located here: http://stackoverflow.com/questions/1500527/how-to-use-ssl-with-codeigniter

I chose Option 1 and did the following:

Edit the file /system/application/config/config.php, and set the base_url to the non-SSL site as follows:

    $config['base_url'] = "http://www.yoursite.com/";

Then edit /etc/apache2/sites-enabled/000-default and under the <VirtualHost *:80> tag enter the following for each folder you'd like to protect with SSL:

    RedirectPermanent /sslfolder https://www.yoursite.com/sslfolder

NOTE: Omit the trailing slash after sslfolder.

You should see that sslfolder is now shown using SSL.
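
Why the NOTE about the trailing slash matters, as an added example that is not part of the original post: a simplified Python model of how Apache's mod_alias matches a Redirect URL-path against the request path, showing that the page's rule also covers /sslfolder/login while a trailing-slash variant leaves a request for /sslfolder itself on plain HTTP. The function names are hypothetical, the host and folder are the page's placeholders, and query strings are ignored.

```python
# Added example: simplified model of mod_alias prefix matching for Redirect.
# Function names are hypothetical; host and folder are the page's placeholders.

def alias_match_len(uri, url_path):
    """Return how many characters of uri the Redirect URL-path consumes, or 0."""
    i = j = 0  # i indexes url_path (the directive), j indexes uri (the request)
    while i < len(url_path):
        if url_path[i] == "/":
            # One or more slashes in the directive match one or more in the request.
            if j >= len(uri) or uri[j] != "/":
                return 0
            while i < len(url_path) and url_path[i] == "/":
                i += 1
            while j < len(uri) and uri[j] == "/":
                j += 1
        else:
            # Every other character is compared literally (case-sensitive).
            if j >= len(uri) or uri[j] != url_path[i]:
                return 0
            i += 1
            j += 1
    # The last segment must match completely: /sslfolder must not match /sslfolderx.
    if url_path[-1] != "/" and j < len(uri) and uri[j] != "/":
        return 0
    return j


def redirect_target(uri, url_path, target):
    """Return the Location sent for uri, or None if it stays on plain HTTP."""
    n = alias_match_len(uri, url_path)
    return target + uri[n:] if n else None


RULE = ("/sslfolder", "https://www.yoursite.com/sslfolder")          # as on the page
RULE_SLASH = ("/sslfolder/", "https://www.yoursite.com/sslfolder/")  # trailing-slash variant


def report():
    """Evaluate constructed sample request paths against both rules."""
    paths = ["/sslfolder", "/sslfolder/", "/sslfolder/login",
             "/sslfolderx", "/SSLFOLDER", "/"]
    return [(p, redirect_target(p, *RULE), redirect_target(p, *RULE_SLASH))
            for p in paths]


if __name__ == "__main__":
    for path, no_slash, with_slash in report():
        print(f"{path:18} page rule -> {no_slash} | trailing slash -> {with_slash}")
```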
If you see SSL errors stating an invalid certificate, it's because you're using a SELF-SIGNED certificate. This is fine for testing, but for production you'll need to get a CRT file by buying one from an online Certificate Authority.
HINT: Try GoDaddy and use one of their online coupons for a discount.