Easiest? If you have IIS (like my test environment), you can use the SelfSSL tool to make a self-signed SSL certificate. Generally these aren't so great for a production environment, but you said *easiest*. SelfSSL is part of the IIS 6.0 Resource Kit: http://www.microsoft.com/downloads/details.aspx?FamilyID=56FC92EE-A71A-4C73-B628-ADE629C89499&displaylang=en I imagine there's a similar utility for Apache... To get a "real" SSL certificate, you probably need to buy one from a reputable Certificate Authority. Regards, Carlton Whitehead ----- Original Message ----- From: "John A DAVIS" <John.A.Davis@xxxxxxxxxxx> To: "PHP General List" <php-general@xxxxxxxxxxxxx> Sent: Friday, July 27, 2007 4:52:55 PM (GMT-0500) America/New_York Subject: Re: need insights on encrypting and uploading ASCII file using PHP So, what is the easiest way to get and install an SSL certificate? >>> "Richard Lynch" <ceo@xxxxxxxxx> 7/27/2007 1:46 PM >>> On Fri, July 27, 2007 3:21 pm, John A DAVIS wrote: > We have various labs that submit coliform sample results in an ASCII > file, quoted/comma delimited. > > We are being asked to encrypt this file for internet transfer. We are > also being asked to create a secure process by which to transfer this > file across the interent. > > Currently: > the lab pushes and button and generates the ASCII file (12 columns) > the lab logs in to a PHP webpage and uses the file upload input to > submit the file. > If data is valid, file is saved on our server in a folder where we can > pull it into the respective tables. > > > Be nice to have some insights on how to encrypt this file at the > source and how to transfer the file securely. We keep hearing the > words, "digital signature". If the concern is about during the TRANSFER of the data, SSL should be enough to satisfy virtually any requirement. The data is encrypted during the transfer. Where they get "digital signature" from, I dunno... Encrypting it at the source and decrypting it at the destination before you transfer it encrypted via SSL is kinda pointless... Unless there is an untrusted individual handling it somewhere between Lab and upload, or between your receipt and stuffing it into your tables? -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So?
