no. Although depending on how you do it the browser may get a message saying "you are entering / leaving a secure page"

Yickman hi and welcome to WW!

No SSL issuer like Verisign or the others will issue a certificate unless it is dedicated to just one single IP address, for security reasons of course.

If we are talking about a fully secure, stand-alone e-commerce site than the answer is no. You cannot redirect a visitor that way.

What you are talking about is dealing with a third-tier payment company wich is different, in wich case your client (the site owner) loses all form of control over his client and is in turn warned with a pop-up window saying "You will be transported to xyz company for payment reasons".

Personally, I prefer the first option. Also, the conversion rate is much much higher in the first case too.

:-) SEO

Hey guys

Thanks for the help!

I was reading the posts here about paying for a certificate so that an visitors to your site will know that you are trustworthy.
However yesterday I realised that the web hoster i am with provides a certificate for it's customers. I tested this out and got the little lock icon on the bottom of the Internet Explorer window. Does the lock icon mean SSL had been implemented, and is that all I need?
The thing is, when i clicked on the lock, the details said that the certifcate was registered for the web hosting company. Am I right to say that this is because the web hoster had bought one certificate to share between all of us who use their products, and if so is that allowed because I thought certificates are only meant to be for one company? Also if i go about it this way (the cheaper way!), my customers will be weary that the certificate does not match with my website.

Yickman

>> I thought certificates are only meant to be for one company?

Close. An SSL certificate certifies a server. Multiple users on that server can use it (a set up called "shared SSL")

>> Does the lock icon mean SSL had been implemented,

Yes

>> and is that all I need?

No. SSL only secures the data while it is being transferred. If you then put it into a database on your web server which is unsecured, the data is vunerable. Ideally, any such data should be stored in a secure area of the server, or preferably on a different server inside your firewall

<sidenote> I often find it amusing the lengths that some people will go to to secure data in transfer, which is quite hard to access without a physical tap into the hardware of your local telecomms system, but will happily leave thousands of their customers personal records on a database outside their firewall where it is static and relatively easy to get at. Almost every story you see along the lines of "20k credit card numbers stolen from website" are due to non-secure databases being attacked, not someone reading an email </sidenote>

Let's say you're a potential customer then, and you go to a site that's got a shared SSL, would you be put off from buying on that site because the certificate's name is the shared name, and not the same name as the site?

Yickman