httpdocs httpsdocs & CA Cert

[knocx]

I wonder such things and i can not take myself thinking of these


i am really dying to know the answers;


1- Why on earth there are 2 saparate roots for a website like httpdocs and httpsdocs? Why cant we just switch the protocol to https within same directory?

Most PLESK techs answer: "because of the security" what are the contributions of doing this in the means of Security? Can someone please explain it?

SSL Protocol is an intermadiate protocol between appllication(http) and TCP Layers and it has no relation with where the data located.


Now lets look at the webserver , i.e when the web server issues Client_Write_DATA to send the html data , it is passed to record layer of SSL , ecrypted by the mutually agreed Ecryption algorithms (i.e Rijndael AES, 3DES...etc ) simmetric key and then the data is sent to the receipent...goes on like this. dont want to get into details...

in practice https is lower than http so there can not be a security reason of saparating httpdocs and httpsdocs.


2- Why do PLESK want the CA root cert each time a certificate is installed by the client even if it is in the Cert root of the OS.

i think they do not query the Cert root of the OS , this causes problems when a user installs a new cert that the issuers root cert already int the cert root of OS, plesk askes for CA cert!

this is also problematic

regards
knocx

 

[lboss]

Originally posted by knocx
1- Why on earth there are 2 saparate roots for a website like httpdocs and httpsdocs? Why cant we just switch the protocol to https within same directory?

It is not correct. Plesk 7.5.x uses httpdocs for domain hosting, and use httpsdocs for Shared SSL feature.

Originally posted by knocx

2- Why do PLESK want the CA root cert each time a certificate is installed by the client even if it is in the Cert root of the OS.

Hm... Can you describe what you mind?

 

[knocx]

Re: Re: httpdocs httpsdocs & CA Cert

Originally posted by lboss
It is not correct. Plesk 7.5.x uses httpdocs for domain hosting, and use httpsdocs for Shared SSL feature.

What do you mean by that?

 

[lboss]

I mean it is different folders. httpsdocs does not uses for HTTPS hosting. HTTP and HTTPS protocol use httpdocs forlder to get context.

 

[knocx]

Oh.. is it? ... How couldnt i ever think of that.

 

[dynaweb]

Originally posted by lboss
I mean it is different folders. httpsdocs does not uses for HTTPS hosting. HTTP and HTTPS protocol use httpdocs forlder to get context.

I see, but since that is the case, why is Plesk creating the https dir?

 

[knocx]

thats already what i am asking for

"Why is Plesk creating the https dir?"

i still could find no answers to that

- using a separate httpsdocs provides no extra security.

i can prove this in the means of TLS / x.509/ PKCS and also mathematically

Infact another problem is that even if you intall the root CA cert into the system PLESK asks for it again &again.

hence each client has its own root CA cert for verification of his certificate... thats another stupidity.

 

[dynaweb]

httpsdocs dir is obsolete or not?

Originally posted by knocx
thats already what i am asking for
"Why is Plesk creating the https dir?"

I looked through the changelog and found nothing about this. Can somebody confirm that the httpsdocs dir is obsolete or not?

 

[dynaweb]

I read elsewhere in the forum that the httpsdocs dir is only for shared ssl.

 

[knocx]

ok,

i have an SSL Cert and i want to share this,

https://www.sharedssl.com > httpsdocs of sharedssl.com

to do this i have to give access to anyone sharing this SSL into httpsdocs of sharedssl.com so that they can use

https://www.sharedssl.com/customer1/

which cant be done in practice with plesk