Re: SSL and scripts.

[Mark A Bennett <mark.bennett@xxxxxxxx>]

>     Stephanie J. Wright

Dear Stephanie,

Thanks for the last reply (Re: CGI script output and https= secure:-)


My next question is so:

Can webten be setup to ONLY allow https and NEVER allow http 
requests. I ask this as my temp certs are insecure in that when I 
view the domain with IE 5.0 (Mac) the browser refuses the temp cert, 
it then sets up a non secure http connection and shows you the pages 
anyhow. I have set the whole domain to require encryption (via admin 
access controls) but the http requests are still processed.

So, can I disable the server for http output? Or am I missing 
something (as usual!)

I am now generating a temp virisign cert and will be installing this 
this morning on my new 'secure' domain (separate IP), the full 
licenced cert is on order. Perhaps a full CERT will not give the 
above security loophole?

Regards

Mark.
--
Mark Bennett
Department of Biology
Imperial College at Wye
University of London
Wye, Ashford, Kent TN25 5AH, U.K.
Tel.:  020 759 42788 (Direct line)
Fax 020 759 42640
Extension: 42788

Email:  mark.bennett@xxxxxxxx

"The box said "Requires Windows 98, or better".
  "So I bought a Macintosh".

----
Tenon Intersystems' WebTen Mailing List
To unsubscribe: send mail to webten-request@xxxxxxxxx with the 
subject: unsubscribe
Find searchable Mailing List archives at
http://listsearch.blueworld.com/webtensearch.lasso