Hacker News new | comments | show | ask | jobs | submit login

You can use mod_ssl: http://onlamp.com/onlamp/2008/03/04/step-by-step-configuring... . Other good resources are an easy search away.

There are basically two steps, both of which can be at no additional cost:

1. get a certificate, and

2. configure your server to use the certificate.

You can generate a certificate yourself, without paying anyone, and it will work fine, but some browsers will throw up a warning page if it is not signed by an authority (more: http://www.namecheap.com/support/knowledgebase/article.aspx/...).

tptacek explained to me once how using a self-signed certificate (or more to the point, trusting it) is a bad idea: http://news.ycombinator.com/item?id=2376644

You can get free certificates backed by a CA trusted by most browsers, for example at https://www.startssl.com. There are some limitations (e.g. no wildcard certificates) but it's still much better than a self-signed one.

Though using self-signed certs during development is a perfect way to test https without shelling out for a CA signature.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact