Security, Part 2 (SSL)

You've already seen that you need to provide various types of security for the server itself. You also need to provide security for transactions between the customer and your site.

If you're doing e-commerce, you will really want to use SSL for at least the parts of the transaction in which you're passing private information back and forth. Setting up SSL under Apache is technically easy but administratively challenging.

HOW DOES SSL WORK?

To begin, you need to understand a little bit about PKI (that's public key infrastructure) and cryptography.

Modern cryptography is based on using a key to encrypt plaintext into ciphertext. This is done using complex mathematical formulas and long keys. The key length is important ...
