View Full Version : SSL encryption issues
04-01-2011, 03:16 PM
I have two forms on my website that ppl fill out and submit with info. I need to purchase a private SSL cert and dedicated IP address so that info on those forms is encrypted while being sent to bluehost's server.
Right now I have the form being sent to a bluehost email address and then have a forwarder setup to a verizon email that I then read my emails through Outlook Express and the forms come there.
I was told that after I purchase the SSL cert and ded. Ip address the form will only be encyrpted to Bluehost's server but when it is then forwarded to verizon.net it is not encyrpted and can possibly be intercepted.
Does anyone on here know of a way around this, what I want to find out is if when it leaves Bluehost's server to verizon's server is it still encrypted? And if not is there someway that I can make it be. Thank you.
04-01-2011, 03:27 PM
The SSL certificate that goes with the dedicated IP address only encrypts the data between the browser and the server (it is specific to encrypting web pages) . It does not encrypt emails. You would need a separate email SSL certificate if you want to encrypt emails.That needs to have the private part installed on the computer creating the email and the public part installed on the computer that is the email's final destination.
04-01-2011, 05:13 PM
I should have worded it differently. When the form is submitted from my website it goes to bluehost's server encrypted.
I need to know if when retrieving the email (form) from bluehost's server using outlook express, would it be encrypted if I have the settings checked in Outlook Express as "this server reqruies a secure connection (SSL) for incoming and outgoing mail.
04-01-2011, 06:03 PM
Selecting SSL in your email program will make sure that the emails are encrypted by your mail server before sending them to your computer.
That does not encrypt them between the mail server they are sent from and the mail server they are sent to - they'd be passed in plain text between those unless you encrypt the actual emails rather than just the connection to the server.
04-01-2011, 06:12 PM
thank you, of course not the answer i wanted to hear. Is there a way to make an email encrypted when travelling from bluehost server to verizon server?
Otherwise I guess I will have to read emails on bluehost server and that i'm trying to avoid.
04-01-2011, 11:11 PM
It is possible to set up emails that are encrypted from the time they are created through to when they are read.
You need two email certificates - one for the sending email address and one for the receiving email address. You use the private part of the sender email and public part of the receiver email to encrypt it at the source and the public part of the sender and private part of the receiver to decrypt it at the destination.
Between two regular email accounts using email software on your own computers you'd just both install your certificates and then exchange emails so that you get the public key portion of the other certificate sent to you - the email program will then offer the option of encrypting emails. To do it using emails generated from a form you'd need the certificates installed on the server and would need a form2mail script that supports the encryption.
04-02-2011, 06:01 AM
well thanks for the effort, but way over my head now, suppose I'll just have the form(s) encrypted from my site to bluehost server and read them from there.
04-02-2011, 10:16 AM
I was told by bluehost support that if i use outlook express and have the correct settings checked for incoming and outgoing mail "This server requires a secure connection (SSL)" then the mail will come over a secure connection. Yes the email will be reg text but over a secure connection and I think that will be sufficient.
Powered by vBulletin® Version 4.2.0 Copyright © 2013 vBulletin Solutions, Inc. All rights reserved.