Re: Separate SSL Server

This WebDNA talk-list message is from

1997


It keeps the original formatting.
numero = 11064
interpreted = N
texte = >At 8:21 AM 4/26/97, Jay Van Vark altered the fabric of cyberspace, >writing: > >> The issue is not our license agreement. The intention of the license >> agreement is to allow you to run a complete service on a single machine - >> if you can give us of a valid reason why you need a second copy of >> WebCatalog running on another machine that is within the intention, just >> not the letter, of the license agreement, we are always willing to make >> exceptions. >> >> The real issue here is that you don't want any shared information between >> the SSL and the non-SSL server... in our commerce model the information >> (shopping cart) that you collect with the non-SSL portion of your site has >> to be available (a shared folder) to the SSL server... >> >> We are continually looking for ways to refine the proess and if you have >> any suggestions I am all ears. >> >> Again, the last thing we want is for you to have to buy 2 copies of the >> software to run one store. >> > >Jay, > >I subscribed to this list in antisapation of purchase of WebCat2. I wanted >to see what the issues were and the difficulties that others were having >before plunking down the cash (alot for me) on the product. > >I have seen that the support is great. Problems people have and questions >are addressed in a timley fashion. > >The issue of serving ssl is important. While I belive that security is >realy perception on the Internet, customers still feel it is important. >They demand that the data is on a server that can only be accessed via >https. > >This means a secound box that has all the https data on it. Once the data >is collected on the http server, WebCat needs to call and parse the data to >the ssl box to finish the processing. The url generated by the non-ssl >server just needs to call the ssl server. This is to say when the cart is >done at http://www.abc.com it needs to be sent to https://secure.abc.com to >collect the credit card information and finish processing the order. While >all processing of shipping and total cost is presented to the ordering >party, can be done prior to the shift to ssl to collect the credit card >infomation, then the credit card information is collected and stored on the >ssl box. > >The informational mail to the seller is generated and sent at either box >and the random generated order url is made on the ssl box. In this way the >credit card information is collected via https and the pickup url is via >https. Never is any data collected or stored on a server accessable via >http. > >In the above example of using a shared folder inside the W* server, any >information contained inside it is accessable via http. Running WebStar >SSL in a differant folder with a second copy of WebCat can confuse the sync >of things as I understand. This would also require two copies of WebCat to >work anyway. The example I cite above seems to only real solution, but >requires two copies of WebCat to work. My customers want to see the url >change to a secure server location. > >While the shopping cart for selling products is the main use of ssl to >collect credit card information, there may be other times and applications >that ssl needs to be called to collect information. Can WebCat access the >.db files from the non ssl server and parse it to the ssl server for >processing. Something like 'back ending' a db? > >If anyone else can suggest a way to do this on one box with one copy of >WebCat, please let me know. I would like to take advantage of the discount >offered till the end of the month. > ><--Glenn--> > >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >Glenn & Renee Davis >Exclusively Web / Net Highway (916) 887-0678 >Web Page Design / Hosting Services >POB 157, Cool,CA 95614-0157 >http://www.ExclusivelyWeb.com >http://www.Net-Hwy.com &&& ||| > (@ @) (@ @) >----------------------------ooO---U---Ooo---------------ooO--(_)--Ooo------->> > Mailto:renee@Net-Hwy.com Mailto:glenn@Net-Hwy.com > Mailto:renee@ExclusivelyWeb.com Mailto:glenn@ExclusivelyWeb.com > Graphics Design WebmasterYou are correct in your perception that the problem with security is perception only. There have been a number of suggestions of ways to deal appropriatly with the security access with the files on the same server, but rather than pound on that issue -- if you are firm that you need a different box, the folder that needs to be shared does not have to be within the webstar folder tree. Put the orders and shopping cart folders at the root (base) of your machine and configure WebCatalog to know where they are for both machines.You are still going to make sure that you are careful about remote maintinance of the databases and that they stay in synch for the two machines... Not difficult, but something to keep in mind as you construct it...I would ask that after you purchase and intend to use the above setup that you contact our sales staff to sign a form stating that the second copy is for the explicit purpose of SSL only, no additional or different information serving from that box.Jay Van Vark ****************************** Pacific Coast Software | WebCatalog 11770 Bernardo Plaza Court | The Search is Over Suite 462 | http://www.smithmicro.com San Diego, CA 92128 ****************************** 619.675.1106 Associated Messages, from the most recent to the oldest:

    
  1. Re: Separate SSL Server (Jay Van Vark 1997)
  2. Re: Separate SSL Server (Grant Hulbert 1997)
  3. Re: Separate SSL Server (grichter@panavise.com (Gary Richter) 1997)
  4. Re: Separate SSL Server (Glenn Davis 1997)
  5. Re: Separate SSL Server (Glenn Davis 1997)
  6. Re: Separate SSL Server (Glenn Davis 1997)
  7. Re: Separate SSL Server (grichter@panavise.com (Gary Richter) 1997)
  8. Re: Separate SSL Server (bob 1997)
  9. Re: Separate SSL Server (Jay Van Vark 1997)
  10. Re: Separate SSL Server (Dan L Gilpin 1997)
  11. Re: Separate SSL Server (Glenn Davis 1997)
  12. Re: Separate SSL Server (Bob Minor 1997)
  13. Re: Separate SSL Server (Grant Hulbert 1997)
  14. Re: Separate SSL Server (grichter@panavise.com (Gary Richter) 1997)
  15. Separate SSL Server (Dan L Gilpin 1997)
>At 8:21 AM 4/26/97, Jay Van Vark altered the fabric of cyberspace, >writing: > >> The issue is not our license agreement. The intention of the license >> agreement is to allow you to run a complete service on a single machine - >> if you can give us of a valid reason why you need a second copy of >> WebCatalog running on another machine that is within the intention, just >> not the letter, of the license agreement, we are always willing to make >> exceptions. >> >> The real issue here is that you don't want any shared information between >> the SSL and the non-SSL server... in our commerce model the information >> (shopping cart) that you collect with the non-SSL portion of your site has >> to be available (a shared folder) to the SSL server... >> >> We are continually looking for ways to refine the proess and if you have >> any suggestions I am all ears. >> >> Again, the last thing we want is for you to have to buy 2 copies of the >> software to run one store. >> > >Jay, > >I subscribed to this list in antisapation of purchase of WebCat2. I wanted >to see what the issues were and the difficulties that others were having >before plunking down the cash (alot for me) on the product. > >I have seen that the support is great. Problems people have and questions >are addressed in a timley fashion. > >The issue of serving ssl is important. While I belive that security is >realy perception on the Internet, customers still feel it is important. >They demand that the data is on a server that can only be accessed via >https. > >This means a secound box that has all the https data on it. Once the data >is collected on the http server, WebCat needs to call and parse the data to >the ssl box to finish the processing. The url generated by the non-ssl >server just needs to call the ssl server. This is to say when the cart is >done at http://www.abc.com it needs to be sent to https://secure.abc.com to >collect the credit card information and finish processing the order. While >all processing of shipping and total cost is presented to the ordering >party, can be done prior to the shift to ssl to collect the credit card >infomation, then the credit card information is collected and stored on the >ssl box. > >The informational mail to the seller is generated and sent at either box >and the random generated order url is made on the ssl box. In this way the >credit card information is collected via https and the pickup url is via >https. Never is any data collected or stored on a server accessable via >http. > >In the above example of using a shared folder inside the W* server, any >information contained inside it is accessable via http. Running WebStar >SSL in a differant folder with a second copy of WebCat can confuse the sync >of things as I understand. This would also require two copies of WebCat to >work anyway. The example I cite above seems to only real solution, but >requires two copies of WebCat to work. My customers want to see the url >change to a secure server location. > >While the shopping cart for selling products is the main use of ssl to >collect credit card information, there may be other times and applications >that ssl needs to be called to collect information. Can WebCat access the >.db files from the non ssl server and parse it to the ssl server for >processing. Something like 'back ending' a db? > >If anyone else can suggest a way to do this on one box with one copy of >WebCat, please let me know. I would like to take advantage of the discount >offered till the end of the month. > ><--Glenn--> > >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >Glenn & Renee Davis >Exclusively Web / Net Highway (916) 887-0678 >Web Page Design / Hosting Services >POB 157, Cool,CA 95614-0157 >http://www.ExclusivelyWeb.com >http://www.Net-Hwy.com &&& ||| > (@ @) (@ @) >----------------------------ooO---U---Ooo---------------ooO--(_)--Ooo------->> > Mailto:renee@Net-Hwy.com Mailto:glenn@Net-Hwy.com > Mailto:renee@ExclusivelyWeb.com Mailto:glenn@ExclusivelyWeb.com > Graphics Design WebmasterYou are correct in your perception that the problem with security is perception only. There have been a number of suggestions of ways to deal appropriatly with the security access with the files on the same server, but rather than pound on that issue -- if you are firm that you need a different box, the folder that needs to be shared does not have to be within the webstar folder tree. Put the orders and shopping cart folders at the root (base) of your machine and configure WebCatalog to know where they are for both machines.You are still going to make sure that you are careful about remote maintinance of the databases and that they stay in synch for the two machines... Not difficult, but something to keep in mind as you construct it...I would ask that after you purchase and intend to use the above setup that you contact our sales staff to sign a form stating that the second copy is for the explicit purpose of SSL only, no additional or different information serving from that box.Jay Van Vark ****************************** Pacific Coast Software | WebCatalog 11770 Bernardo Plaza Court | The Search is Over Suite 462 | http://www.smithmicro.com San Diego, CA 92128 ****************************** 619.675.1106 Jay Van Vark

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

no template caching (1997) WC3 and SSL on NT (1998) How far do [showif]s go? (1997) Exclamation point (1997) Installing Web DNA 5.1 on a MAC (2004) WebCat editing, SiteGuard & SiteEdit (1997) Strange Search Results (2004) Filling in fields conditionally (1998) [returnraw] and form variables (1998) [WebDNA] Multi Part SendMail (2013) Q: writefile and uploads. (1998) Summary search -- speed (1997) What am I doing wrong? (2000) WebDNA performance comparisons? (2004) WebCat2b13MacPlugIn - more [date] problems (1997) Browser Reloads and AddlineItem (1997) Search Question (2003) problem: search crashes webstar (1997) CC Merchant suggestions?? (1997) Register First (2000)