Re: SSL questions

• Previous message: Luigi Donatello Asero: "Re: [en] Britain and the euro"
• Maybe in reply to: M.E. Post: "Re: SSL questions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Sun, 02 Jan 2005 06:36:22 GMT

"Andrew Bullock" <trullockNO@SPAMyahoo.com> skrev i meddelandet
news:PAHBd.1177$bf6.36@newsfe1-win.ntli.net...
> M.E. Post wrote:
> > "Andrew Bullock" <trullockNO@SPAMyahoo.com> wrote in message
> > news:g4IAd.750$AU1.219@newsfe5-win.ntli.net...
> >
> >>Hi,
> >>
> >>I'm pretty good with html and php, been doing it for years however I
have
> >>only just begun trying to use SSL and secure browsing.
> >>
> >>I've just written a shopping cart system and come to the payment part
and
> >>realised I know nothing!
> >>
> >>All ive managed to deduce is that i need some kind of certificate and
> >>https hosting.
> >>
> >>Could someone give me a brief (or preferrably in depth) overview of the
> >>process required for me to implement a credit card payment system
> >>
> >>I dont need exact details, just something along the lines of an
> >>explaination as to how ssl works.
> >>
> >>Thanks
> >>
> >>Andrew Bullock
> >
> >
> > Hi Andrew,
> >
> > The SSL stuff isn't to difficult once you know the basics :-) I'm
assuming
> > you use Apache as a web server. First off you need to ascertain whether
your
> > hosting service (or maybe you are hosting yourself) uses an IP based
virtual
> > host for your site, this is very important. SSL can't and won't work
with
> > name based virtual hosts, the reason being that with name based virtual
> > hosts the routing information is encrypted within the body of the
message.
> > With an IP based virtual host the routing information is available in
the IP
> > header and is unencrypted allowing the web server to direct traffic to
your
> > site. So make sure that you have an IP based virtual host. If not
convince
> > the hosting service that you want one for SSL.
> >
> > You will need a digital certificate. There are legions of companies out
> > there that can deliver them but you'd want a well known player in order
to
> > be sure that all browsers support your SSL certificate. Every browser on
the
> > planet contains a set of so called root certificates, for instance open
> > Internet Explorer->Tools->Internet Options->Content->Publishers->Trusted
> > Root Certificate Authorities for a complete list. If your supplier isn't
on
> > that list your customers will get all kinds of alarming popups that
won't do
> > a lot of good for your reputation :-) If you want to be on the safe side
you
> > can get a certificate from VeriSign, Thawte, Equifax or GTE.

I let install a certificate from GeoTrust.
If I understand it properly, this certificate is made by Equifax for
GeoTrust,
isnīt it?
Do you think that it is a good one?
Or is it one of those which let customeres get all kinds of alarming popups?
:-)

-- 
 Luigi ( un italiano che vive in Svezia)
http://www.scaiecat-spa-gigi.com/de/schuhe-artikel-1169.html

• Previous message: Luigi Donatello Asero: "Re: [en] Britain and the euro"
• Maybe in reply to: M.E. Post: "Re: SSL questions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]