SSL, or Secure Socket Layer, allows you to transmit sensitive data over the internet without fear of it being intercepted in trasmission. It is said that a SSL 128bit (what we use here at MIS) has never been successfully intercepted. We will leave that to the experts to decide, but it is true that SSL is the trusted industry standard.

If you are planning on using SSL we want to say, up front that you do need to have a solid grasp of web page design and HTML, coding, and use of the form or CGI you want to make secure. We recommend fixing any problems with your form or CGI before attempting to make it secure. In other words, you need to make sure the cake is ok before you put on the frosting.

The first thing you need to know when using SSL on MIS servers is that the certificates we have for SSL are for the web server, and not the web site individually. Later in this instruction you will see how that comes into affect and what it means to you. It is possible to purchase your own individual SSL certifercate; however with MIS web hosting it is not nesssary to do this. You can get away with using our web server certifercates with a little minor manipulation.

Now we will assume your page and form are working correctly. The next thing you must know is on which one of our web servers you are located. If you know how to telnet this is easy to find out. You simply telnet into your domain name with user name and password and the prompt will display the server you are on. If you are not familiar with this process then please contact us by e-mail (hosting@midcoast.com) or telphone (207-594-8277 ) to find out what server you are on.

Let's show an example of a form page URL, and then show how to make it SSL encripted! We are going to assume that this is being done on our "conchita" web server. Your server may be different, so don't forget to check that.

A secure order form might look like this:

http://www.mydomain.com/form.html

To make it secure you would treat it like this:

https://pour.midcoast.com/~domainusername/form.html

Notice that http changed to https. Also notice that I used the domain's username. This is nessesary because when you use SSL, you are doing so at the web server level, and it needs to know what username you are using.

There is one more step to making your page act correctly while using SSL. You are probably aware that when you submit a form online that you must also include a page that you go to after clicking the submit button. Most people often have what is called a "postdone" or "success" page. This is a page that lets the Internet user know they have submitted a form successfully. It is also important that when you write this page into your code that you also make it secure. This insures that all browsers treat the page correctly.

An incorrect address would look like this:

http://www.mydomain.com/postdone.html

A correct address would look like this:

http://conchita.midcoast.com/~domainusername/postdone.html

On the "postdone" page you can then link back into your web site with normal domain hyperlinks. This operation of using SSL basically means that the link that takes you into the form and out of the form must be secure (https) at the server level. If those two addresses are correct, then your SSL encryption will work fine and you can secure anything you are trying to transmit over the web via a CGI form.

To sum up:

1. Page with link to form> 2. Page with form > 3. Success or post done page.

We hope this explains how to use SSL on the Midcoast Internet Solutions web servers. If you have any more questions please contact us. Please understand due to the technical nature of web page design we can only answer questions relating to SSL on our web servers. We can not take techincal calls relating to improperly working CGIs or forms.