An SSL certificate is important on a serious e-commerce site. I tells people that you are really who you say you are, plus it is backed up by a reputable firm such as most SSL vendors on the market.

Plus, credit card companies will not authorize your site to do any transactions if you don't have an authorized and verifiable SSL certificate

SEO practioner

That is not entirely accurate. I have been building e-commerce sites for a few years for clients and no credit card firm that I know of prevents any merchant from accepting credit cards on line without SSL certs. I know of people who e-mail credit card numbers, and they are quite foolish to do so, but it is legal.

That being said, an SSL cert is much more than a certificate that proves that you are who you say you are. SSL stands for "Secure Socket Layer", and that means that all credit card data that is transmitted to and from sites which have an SSL cert are encrypted with 128 bit encryption MOD SSL technology so that they can not be viewed during transmission. This is done by what is called an RSA private key. Mod SSL is an Apache Web Server Softare plug in for secure transactions and data encryption - transmission. An SSL certificate will not function without Mod SSL or other equivalent software, however Mod SSL has about 75 percent of all web encryption traffic, and it is open source software - free. There are other commercial versions for a price.

sand, what that box means is that the web host company probably has a secure certificate that they are lending to the web author. The site is probably encrypted, however the certificate is not owned by the person who owns the web site. I know of some firms who will not do business with anyone on the net unless the owner of the web site owns their own certificate. They cost anywhere from 50 to 200 bucks a year, but if you want to appear like a legitimate business person instead of some fly by night person who is an amature selling widgets on line as a hobby, then cough up the fifty bucks. If it is your hobby or if your profession or meal ticket does not depend on on line sales then don't waste your money on one.

I would not recommend to anyone who creates e-commerce sites to not use mod_ssl and Thawte or Verisign certs, nor would I purchase anything from a non secure site. But it is possible to do.

For more information on SSL, visit [modssl.org...] and [engelschall.com...]
For SSL Certificate info visit [verisign.com...] or [thawte.com...] There are many other firms who sell ssl certificates for cheaper, but these are the two best known and recognized firms.

[edited by: nadsab at 11:14 pm (utc) on April 10, 2003]

Also you name two of the biggies but has anyone any experience with the cheaper £50 ones?

What benefit do you get from a more expensive one?

Thanks :)