Verisign for credit card based websites?

Forum Moderators: buckworks

Message Too Old, No Replies

Verisign for credit card based websites?

I need a merchant account and SSL certificate.

chopin2256

10:33 pm on Mar 30, 2005 (gmt 0)

I have been searching online, and I found the company Verisign. After I purchase my SSL hosting service, I need to purchase a separate SSL certificate right? I can do this through Verisign, is this the right thing to do? Also, I need a merchant account, I can get this through Verisign as well, correct? Is this the right direction for me?

incrediBILL

11:05 pm on Mar 30, 2005 (gmt 0)

Versign SSL cert's are way over priced so we use Geotrust or Thawte.

For a payment gateway I do like Verisign Payflow Links, it's decent.

Ozark

11:07 pm on Mar 30, 2005 (gmt 0)

I have been searching online, and I found the company Verisign. After I purchase my SSL hosting service, I need to purchase a separate SSL certificate right?

No, you should not have to pay for SSL certificate if your hosting service provides one. Most hosting services that offer that service have shared SSL certificates.

I can do this through Verisign, is this the right thing to do?

Verisign is one of the many companies that offer SSL certificates. If you do not want to share a SSL certificate they are a option. But there are many other companies out there for a better price. You are paying for Verisign name more than their product.

Also, I need a merchant account, I can get this through Verisign as well, correct? Is this the right direction for me?

Verisign does offer merchant accounts. I would be sure to shop around before I signed up.

Ozark

chopin2256

11:09 pm on Mar 30, 2005 (gmt 0)

My domain is registered under GoDaddy, should I just use GoDaddy for an SSL Certificate? Is one better than the other?

Is an SSL certificate a requirement? I have no clue how my future store will hold out, so I need to experiment first. How will my visitors know I have an SSL certificate, or even know what one is? Thats one thing I am confused about.

incrediBILL

11:13 pm on Mar 30, 2005 (gmt 0)

No, you should not have to pay for SSL certificate if your hosting service provides one. Most hosting services that offer that service have shared SSL certificates.

I used some shared SSL and some dedicated SSL and just telling someone "ah use the shared" can be more trouble than it's worth unless they are VERY technical.

When you switch servers it gets dicey in that the shared SSL doesn't know how to display your images (can you say BASEHREF?) and the fancy javascript pull down menus won't even load until you tweak the server path, that assumes the code doesn't have other failing path dependencies, and on and on and on. Plus frequently the shared cert is running as APACHE typically and not as your account which creates yet more havoc with access permissions so if you're using a CGI-based cart in *Nix you'll need a second copy of the CGI code with SUID (CHMOD 4711) that the host must set because you can't do it from FTP.

Not to mention you'll have to give your CGI explicit locations to all the files it needs internally as DOCUMENT_ROOT won't fly on shared SSL.

Yup, no problems there.

Ozark

11:20 pm on Mar 30, 2005 (gmt 0)

My domain is registered under GoDaddy, should I just use GoDaddy for an SSL Certificate? Is one better than the other?

I read somewhere that godaddy sold more SSL certificates than any other company last month. Let the numbers speak for themselves.

Is an SSL certificate a requirement?

YES, if you plan on accepting credit cards or any other personal info.

How will my visitors know I have an SSL certificate, or even know what one is? Thats one thing I am confused about.

It depends on what browser that are using but for the most part they will see a lock somewhere on their browser.

Ozark

11:26 pm on Mar 30, 2005 (gmt 0)

incrediBILL

I was not encouraging the use of shared SSL. :) I was only trying to explain the options.

Personally I would not use shared SSL.

Ozark

MrFishGuy

11:27 pm on Mar 30, 2005 (gmt 0)

Go to InstantSSL and you can get an SSL certificate for less than half the price of Verisign.

incrediBILL

11:28 pm on Mar 30, 2005 (gmt 0)

How will my visitors know I have an SSL certificate, or even know what one is? Thats one thing I am confused about.

During the shopping process you switch from "VIEW CART" which would be on [EXAMPLE.COM...] to secure checkout which is typically [EXAMPLE.COM...] which engages the SSL server and the lock on your page will engage showing it's secure.

chopin2256

12:37 am on Mar 31, 2005 (gmt 0)

Whats the difference between:

1. Turbo SSL Secure Certificates

2. High-Assurance Secure Certificates

3. Wildcard Secure Certificate

I think I am going to register Turbo SSL Secure Certificate through GoDaddy, it is very cheap ($30/year). I just do not know if I should go for the High-Assurance Secure Certificate for $100 a year. I do not know the difference.

Ozark

12:50 pm on Mar 31, 2005 (gmt 0)

1. Turbo SSL Secure Certificates

They only use your domain name to verify who owns the web site. They send a email to the email address listed on whois.

2. High-Assurance Secure Certificates

1. The entity requesting the certificate has access to the domain.

2. The certificate is being issued to an organization that is currently registered with a government authority (if applicable).

3. The individual requesting the certificate is associated with the entity named in the certificate (if applicable).

3. Wildcard Secure Certificate

Secures unlimited sub-domains that share the same base domain and server, like www.domainname.com; shop.domainname.com; register.domainname.com, etc.

Ozark