Welcome to WebmasterWorld Guest from 54.167.83.224

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

Which SSL?

     
12:18 am on Nov 14, 2007 (gmt 0)

Junior Member

5+ Year Member

joined:Oct 22, 2007
posts:91
votes: 0


Hi Guys,

I am shopping for an SSL cert so that my shopping cart can interact with PayPal. I understand SSL has to be installed on the Apache side.

All I need is to certify only my domain name. ie.

www.mydomain.com.au
www.mydomain.com.au/mycart
www.mydomain.com.au/mycart/product
www.mydomain.com.au/mycart/checkout, etc etc

There are so many provider on the net, price ranging for $15 to over $100. So which one should I buy?

12:32 pm on Nov 14, 2007 (gmt 0)

New User

5+ Year Member

joined:Aug 1, 2006
posts:5
votes: 0


My experience with this is:

The more you pay for the certificate, the more widely trusted and recognized it is. VeriSign, for example, is widely known, but also very expensive.

However, if you only have to use it for security and not for banking or something, I'd choose for the cheaper certificates, but you'd better wait for a real answer, since I'm not really sure.

12:32 am on Nov 15, 2007 (gmt 0)

Junior Member

5+ Year Member

joined:Oct 22, 2007
posts: 91
votes: 0


my cart routes customers to paypal when they area reay to pay, they actually keep they card details into paypal, not my site but paypal needs a SSL certificate. So in this instance, I don't really want to pay big mobs of money
1:30 am on Nov 15, 2007 (gmt 0)

Senior Member from MY 

WebmasterWorld Senior Member vincevincevince is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Apr 1, 2003
posts:4847
votes: 0


So long as the domain name matches, most browsers don't inform your visitor about which company a certificate is issued by, they just put up their visual feedback for a secured connection. I would expect visitors informed enough to check the certificate details would also be informed about the range of providers.
4:18 am on Nov 15, 2007 (gmt 0)

Junior Member

5+ Year Member

joined:Oct 22, 2007
posts: 91
votes: 0


has anyone read this?
[apache-ssl.org...]

It has a section on creating your own key? So does that mean we don't have to buy an SSL certificate anymore?

5:50 am on Nov 15, 2007 (gmt 0)

Senior Member from MY 

WebmasterWorld Senior Member vincevincevince is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Apr 1, 2003
posts:4847
votes: 0


You have always been able to create your own certificate (self sign certificates) and they have been fine for encrypting connections. The problem is that they don't try to identify whether you are who you say you are and for that reason they will pop up warning boxes if you use them to allow web-browser connections.
6:06 am on Nov 15, 2007 (gmt 0)

Junior Member

5+ Year Member

joined:Oct 22, 2007
posts: 91
votes: 0


if that is the case, would I have problem interfacing my cart to payment service provider like paypal?
6:14 am on Nov 15, 2007 (gmt 0)

Senior Member from MY 

WebmasterWorld Senior Member vincevincevince is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Apr 1, 2003
posts:4847
votes: 0


If you did that, your cart normally would not collect high security data, just a list of products. You would then send the cart to PayPal, who would handle your customer directly over their own SSL connection. In that way, all parts of the process which require high security have it.
6:40 am on Nov 15, 2007 (gmt 0)

Junior Member

5+ Year Member

joined:Oct 22, 2007
posts: 91
votes: 0


exactly my thoughts, that is why I am paying them higher transaction fees but I get to sleep better at night knwoing no credit card details are held in my server and it all hells break loose, my customers are not put in any risk.
7:00 am on Nov 15, 2007 (gmt 0)

Senior Member from MY 

WebmasterWorld Senior Member vincevincevince is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Apr 1, 2003
posts:4847
votes: 0


Be sure to point out that payments are handled by a secure server when you get to the cart point. Some users may notice you are not transferring them yet and worry it will never happen.

Personally I think it's nice to have a cheap SSL certificate for my cart anyway. For $15 or so a year if it only increases sales by one it's probably worth it.

11:08 pm on Nov 15, 2007 (gmt 0)

Junior Member

10+ Year Member

joined:June 23, 2005
posts:145
votes: 0


jadedev

The time you spent asking & discussing the question, cost you more than just buying the SSL cirt and moving on.

ya missed a dollar, waiting on a dime.

WW_Watcher

1:05 am on Nov 16, 2007 (gmt 0)

Junior Member

5+ Year Member

joined:Oct 22, 2007
posts: 91
votes: 0


ha ha, that' true.

I am educating myself to be a web master. If I don't ask/read/research, then I won't learn and I won't get any better.

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members