I have just been thrown into something I have no idea about. I need to set up a site that a user logs in using ssl certificates. Can anyone help get me started on this by pointing me in the direction of some tutorials or some things I should google. Thanks you for any help you can give.
The SSL bit is easy, you will need a dedicated IP address for the site, but then it's either installing the SSL certificate via editing Apache configs or through your hosing control panel. Once installed you can access the login all as https:// the scripting works the same on https and http. If you only have a few users then the simplest option is to use password protected directory, normally via the hosting control panel, the user is then prompted for their name and password and once authenticated can browse the site as normal. It gets more complicated once you start using a script to authenticate the users, as you now need a database of some sort to store user names and password, a login form which authenticates the user against the database and probably some management system. At a minimum you have a table with users names, their password stored md5 encoded and their email address. You need the email address to send reset passwords to. You have to also remember to test if the user is authenticated each time you go to serve content to them. You don't give enough detail about the language you are using e.g. PHP or if you are protecting static data or scripted or ..... Assuming it's just content then rather than reinvent the wheel, why not look at something like modx which has all the user management built in and can allow people to authenticate to view protected pages. You'd need to tweak to make sure it works all over SSL. If you want to build your own system then a quick google for "user login for website php" should throw up plenty of resources for you to work from e.g. http://www.devshed.com/c/a/PHP/Creating-a-Secure-PHP-Login-Script/