Setting up encrypted websites with SSL
The HTTP protocol is transmitted over the Internet as plain text. This means that the communication can be intercepted and read by people other than the end user of the website and server administrator. In most cases, the exchanged information is public, and this security vulnerability is acceptable. In other cases, where passwords or other secret information is exchanged, simple HTTP should not be used. Thankfully, securing web communications is not very difficult thanks to the HTTPS protocol, which adds a layer of encryption.
Note
SSL encryption that is used by HTTPS is added before the actual HTTP conversation is initiated. This means that name-based virtual servers, which are specified in HTTP headers, cannot be used with HTTPS. In practice, this means that each SSL-protected website has to be served from a dedicated IP address.
If you only plan to create a single HTTPS website on your server, you're fine. However, if you plan to create more secure...
