Comments on: SSL Certificates – Secure Server Certificates

By: milicic.marko

milicic.marko — Fri, 15 Aug 2008 08:21:50 +0000

http://www.apache.org

By: rtang@sbcglobal.net

rtang@sbcglobal.net — Fri, 15 Aug 2008 02:49:50 +0000

By: vijay rajan

vijay rajan — Thu, 14 Aug 2008 11:02:23 +0000

It's a multifaceted answer because you first need to determine if you want a third party as a Trusted Authority, such as Verisign or Thawte. If you're selling anything on your site, definitely get a trusted third party involved in order for others to trust you. If you use that process, follow the third parties instructions on how to do it (they all have detailed information on their sites).

If not, follow the instructions linked below. You'll first need the certificate server to self sign the certificates and then need to generate and approve it yourself.

Good luck,

By: Jazz

Jazz — Thu, 14 Aug 2008 02:42:34 +0000

There is a tutorial here,
http://www.digicert.com/ssl-certificate-installation.htm

By: flafuncop

flafuncop — Thu, 14 Aug 2008 01:59:37 +0000

The 12.99 SSL certificate only certifies that the site is secure. You don't get the green bar if someone visits your site. The green thing shows that the company is validated, such company exists, such company is trusted, the company can be sued easily if it cheats you. (which costs 500). You get a green bar when you visit it. (it means it is secure)

Basically the $500 also includes insurance or warranty…should your customers credit card accounts get hijacked somehow, they will refund the customers (I think)

You need OpenSSL support on linux (and the certificate file). To use SSL, just make the beginning of the website address as https:// instead of http://

Basically you need to force the shopping cart pages to use SSL. Maybe you could try putting the general info pages on a webserver that allows only http, and the confidential pages on a webserver that allows only https. I don't know how to do this though.

Well, once the certificate is installed, you cannot change the .com address (or the DNS name) it is registered to. Also you need something called a seal on each of your webpages (like thawte secured, verisign secured, and so on, whatever certifier you subscribe to, they will give you the seal.)

I hope I helped.

By: vijay rajan

vijay rajan — Wed, 13 Aug 2008 20:21:10 +0000

Having worked for a large "Certificate Authority" for 6+ years, I used to always encounter folks in your situation needing to know this little bit of info….and I would always direct them to this MS Support article: http://support.microsoft.com/kb/239875

By: sundar

sundar — Wed, 13 Aug 2008 09:00:17 +0000

Oh, definitely yes! If it's a credit card, all the standard credit-card protections apply. Namely, even if someone does steal the credit card number and make fraudulent purchases, you won't have to pay for those purchases. So credit card purchasing is inherently safe, no matter how much encryption (or how little encryption) is used.

By: argh.pirate

argh.pirate — Tue, 12 Aug 2008 02:38:24 +0000

yes and no. you do have to have an ssl certificate for ssl to work, but if you create your own, it is not a publically trusted certificate. the person on the other end has to trust that you are who you say you are. you may say, but i am. that is correct, but I also could pretend to be you.

By: BtAlex

BtAlex — Tue, 12 Aug 2008 02:04:15 +0000

Yes you can create multiple secure websites on an singe server. But both websites need a different ip number!

mydomain.net. 10.0.0.1
sub.mydomain.net. 10.0.0.2

The SSL protocol is only working on HTTP 1.0 and not the HTTP 1.1 protocol. Within the HTTP 1.1 protocol you can send the hostname of the server in the header.