SSL Certificates
Permalink Browser Info Environment
Does anyone know how this addon affects SSL Certificates?
I'm thinking it will cause warnings no matter how you try to do it. Which is okay, I understand and I can change my direction. I'd just like to know if in fact my concern is not valid and someone can verify that a certificate for the main domain is still recognized underneath the domain mapper.
Any thoughts?
Thanks.
I'm thinking it will cause warnings no matter how you try to do it. Which is okay, I understand and I can change my direction. I'd just like to know if in fact my concern is not valid and someone can verify that a certificate for the main domain is still recognized underneath the domain mapper.
Any thoughts?
Thanks.
Type: | Discussion |
---|---|
Status: | New |
Therefore Domain Mapper directing a parked domain to a main domain page - and changing the URL to that of the parked domain (as shown in the DM screencast) - will cause the browser to throw an error. (?)
I considered the sub-directory approach but came to realize that this would require separate installs of C5 in each folder - unless I became a hosting partner, got the white paper AND was able to implement the shared site setup. But then I read that to do that setup you need access to the server that is not possible with a company like Bluehost, which is where my customer is registered. Is that understanding correct, or am I missing something?
I understand how to force the use of the SSL protocol, it's been discussed in the C5 forum.
Issue: I need to breakup divisions of a company where information can be contained within those divisions under SSL and those within certain division are only allowed access to other divisions based on their assigned usergroups, but still share some aspects centrally (user info). (Not to mention one easy C5 core update.) The domain mapper almost solves it - but for the SSL. The sub-directories and wildcard would definitely solve it as the URL does not need to be hidden - but the maintenance and shared info is a hurdle. I'm just trying to make sure the hurdle I clear is heading in the right direction.
If you can comment I'd appreciate it. Thanks for your time, Ryan.
I considered the sub-directory approach but came to realize that this would require separate installs of C5 in each folder - unless I became a hosting partner, got the white paper AND was able to implement the shared site setup. But then I read that to do that setup you need access to the server that is not possible with a company like Bluehost, which is where my customer is registered. Is that understanding correct, or am I missing something?
I understand how to force the use of the SSL protocol, it's been discussed in the C5 forum.
Issue: I need to breakup divisions of a company where information can be contained within those divisions under SSL and those within certain division are only allowed access to other divisions based on their assigned usergroups, but still share some aspects centrally (user info). (Not to mention one easy C5 core update.) The domain mapper almost solves it - but for the SSL. The sub-directories and wildcard would definitely solve it as the URL does not need to be hidden - but the maintenance and shared info is a hurdle. I'm just trying to make sure the hurdle I clear is heading in the right direction.
If you can comment I'd appreciate it. Thanks for your time, Ryan.
The sub-directory hosting partner white paper is fairly involved and would require root access to the server and a pretty good understanding of apache & servers in general.
I would recommend not using the domain mapper, instead using one site, one domain and one ssl certificate, then separate your departments out within the paths of the site and concrete permissions.
Using multiple domains combined with the ssl requirement makes it pretty complicated.
I had thought of building an addon that requires ssl by paths within the site, is that what you're looking for?
I would recommend not using the domain mapper, instead using one site, one domain and one ssl certificate, then separate your departments out within the paths of the site and concrete permissions.
Using multiple domains combined with the ssl requirement makes it pretty complicated.
I had thought of building an addon that requires ssl by paths within the site, is that what you're looking for?
That would help as it's half the issue.
The one site approach will require php manipulation of the auto-nav in order to hide the links to divisions (based on usergroups) that would not want to be seen by certain others. (It's okay if the url shows the sub-directories they are in though.) Simply denying them access (permissions) is not the preferred method of both hiding and denying access. I haven't looked into yet, but I can't imagine it being too difficult to write that code.
I appreciate your advice, Ryan. The difficulty of the C5 WHM setup sounds overkill - especially for their budget. I feel more confident in a simplistic approach of permissions and some custom php.
Thanks again for the beautiful C5 layout. Once I get up-to-date on Single Pages and Themes I might go demonstrate it at a meetup. As I'm sure the community realizes the length of my posts - I talk better than I write code. (-:
The one site approach will require php manipulation of the auto-nav in order to hide the links to divisions (based on usergroups) that would not want to be seen by certain others. (It's okay if the url shows the sub-directories they are in though.) Simply denying them access (permissions) is not the preferred method of both hiding and denying access. I haven't looked into yet, but I can't imagine it being too difficult to write that code.
I appreciate your advice, Ryan. The difficulty of the C5 WHM setup sounds overkill - especially for their budget. I feel more confident in a simplistic approach of permissions and some custom php.
Thanks again for the beautiful C5 layout. Once I get up-to-date on Single Pages and Themes I might go demonstrate it at a meetup. As I'm sure the community realizes the length of my posts - I talk better than I write code. (-:
To get off Ryan's back, I posted a non Domain Mapper question regarding C5 site structuring here:http://www.concrete5.org/community/forums/customizing_c5/sub-direct...
The goal is to better understand what is possible before doing what is obvious.
Rick
The goal is to better understand what is possible before doing what is obvious.
Rick
For those interested: Bluehost does not support wildcard SSL Certificates.
If you purchase a wildcard ssl certificate like *.domain.com and are mapping subdomains.domain.com to paths within your site you wouldn't get any warnings.