30.4. Enabling SSL

As discussed in several other places throughout this book, SSL (Secure Sockets Layer) enables all the communication between a web server and a browser to be encrypted. Anyone sniffing the network traffic at any point between the two would be unable to see the contents of web pages sent, the values of form values typed, or any other potentially confidential data. In addition, using SSL enables the person viewing your site to verify your credentials — to confirm that the site he or she connected to is the one he or she meant to be connected to.

NOTE

For more on activating SSL for a website on the standard version of Mac OS X, see Chapter 18. For more on looking at SSL from the point of view of a person browsing the web, see Chapter 10.

SSL is easy to implement in Mac OS X Server, and if you'll be serving websites that send or receive private information, it's a good idea to do so. You could, of course, use SSL by default for all your sites to keep every bit of data transferred secure on principle. However, doing so puts a slightly higher strain on your server's CPU because of the extra work required to encrypt and decrypt all the data. For sites with a modest number of visitors, this effect may not be noticeable, but if you have an extremely busy site, using SSL can decrease the number of visitors you can effectively serve at once.

Also keep in mind that SSL must be turned on individually for each domain, and SSL certificates are tied to specific domain names. ...

Get Mac® Security Bible now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.