K
knocx
Guest
I wonder such things and i can not take myself thinking of these
i am really dying to know the answers;
1- Why on earth there are 2 saparate roots for a website like httpdocs and httpsdocs? Why cant we just switch the protocol to https within same directory?
Most PLESK techs answer: "because of the security" what are the contributions of doing this in the means of Security? Can someone please explain it?
SSL Protocol is an intermadiate protocol between appllication(http) and TCP Layers and it has no relation with where the data located.
Now lets look at the webserver , i.e when the web server issues Client_Write_DATA to send the html data , it is passed to record layer of SSL , ecrypted by the mutually agreed Ecryption algorithms (i.e Rijndael AES, 3DES...etc ) simmetric key and then the data is sent to the receipent...goes on like this. dont want to get into details...
in practice https is lower than http so there can not be a security reason of saparating httpdocs and httpsdocs.
2- Why do PLESK want the CA root cert each time a certificate is installed by the client even if it is in the Cert root of the OS.
i think they do not query the Cert root of the OS , this causes problems when a user installs a new cert that the issuers root cert already int the cert root of OS, plesk askes for CA cert!
this is also problematic
regards
knocx
i am really dying to know the answers;
1- Why on earth there are 2 saparate roots for a website like httpdocs and httpsdocs? Why cant we just switch the protocol to https within same directory?
Most PLESK techs answer: "because of the security" what are the contributions of doing this in the means of Security? Can someone please explain it?
SSL Protocol is an intermadiate protocol between appllication(http) and TCP Layers and it has no relation with where the data located.
Now lets look at the webserver , i.e when the web server issues Client_Write_DATA to send the html data , it is passed to record layer of SSL , ecrypted by the mutually agreed Ecryption algorithms (i.e Rijndael AES, 3DES...etc ) simmetric key and then the data is sent to the receipent...goes on like this. dont want to get into details...
in practice https is lower than http so there can not be a security reason of saparating httpdocs and httpsdocs.
2- Why do PLESK want the CA root cert each time a certificate is installed by the client even if it is in the Cert root of the OS.
i think they do not query the Cert root of the OS , this causes problems when a user installs a new cert that the issuers root cert already int the cert root of OS, plesk askes for CA cert!
this is also problematic
regards
knocx