SSL web server- Best Practices
Hi, I am trying for determine the best way to setup my SSL enabled Aapche2 server. I have the latest version built from source.
My question involves the proper use of IP addresses / Domain names.
I read that two IP addresses are necessary for SSL. One for the non-secure side and one for the secure side. During the development of my site I am using strait IP addresses. Once the site is completed I will use domain names such as mysite.com and secure.mysite.com.
One of the problems I am encountering is that when I move the user over to the secure side of the site I lose the php session variables. I believe this is because I am changing to a new domain. This makes me think that my hole approach to SSL may be incorrect.
Can anyone point me to documentation on the best practices to setting up an SSL Server and how best to switch the user over to the secure side?
Curtis L. McCully