Hello everybody,

I am one of the newcomers, just signed up a few days ago. :D

And I am a newbie of payments and SLLs.
So I need a few suggestions.

First of all I have a merchant account and solved my virtual POS problem with my bank and now I am almost ready to accept payments online.

But I don't know much about SSL. I know that I can use Kualo's shared SSL but after a quick search I found out that I can buy a cert for my own for something between $50 to $150. Before I only knew about Verisign and I thought SSL is something very expensive.

I have 2 questions about SSL.

1- I found out that instantssl.com offers certs for $49 and geotrust offers it for $119. On some forums I found out that instantssl has a better browser covarage (like %99). So it makes much more sense than any other cert providers. Do you think this is correct or am I missing something? What do you guys use?

2- I (will) have multiple web sites which I'll sale somethings, so basicly it seems that I need more than one cert. But there is a shared SSL thing. Do you think I can have the cert for a domain name like secure.com and during payment redirect my customers to that web site from the sale sites? Like if customer is from mysalesA.com they will do the payment under secure.com/mysalesA/ and for the mysalesB.com, the payment page will be secure.com/mysalesB/. It makes sense to me but since I am a newbie I don't know if it works this way... And if it works this way would there be any limit for that sub-dirs?

Any comments would be great...
Thanks...

[quote:ee6f5dcdd0]1- I found out that instantssl.com offers certs for $49 and geotrust offers it for $119. On some forums I found out that instantssl has a better browser covarage (like %99). So it makes much more sense than any other cert providers. Do you think this is correct or am I missing something? What do you guys use? [/quote:ee6f5dcdd0]

Well depends what you really need the cert for. For most purposes, the cheaper certs will do the trick. You can get a good cert from rackshack for $49/yr -- http://www.rackshack.net/quickssldetails.asp

[quote:ee6f5dcdd0]2- I (will) have multiple web sites which I'll sale somethings, so basicly it seems that I need more than one cert. But there is a shared SSL thing. Do you think I can have the cert for a domain name like secure.com and during payment redirect my customers to that web site from the sale sites? Like if customer is from mysalesA.com they will do the payment under secure.com/mysalesA/ and for the mysalesB.com, the payment page will be secure.com/mysalesB/. It makes sense to me but since I am a newbie I don't know if it works this way... And if it works this way would there be any limit for that sub-dirs? [/quote:ee6f5dcdd0]

Yes this could work without a problem. Also as you are a reseller you could install it on one anonymous domain, then every account could access it using, for example,

https://secure.domain.com/~username

So its a bonus for your customers. I believe (though have never tried it) that you can also put a wildcard in for your cert. So you set the cert up for the domain https://*.domain.com, then any subdomain on that domain would also work with SSL.

Hope that helps!

Best,

Jo

Thanks for the reply Jo.


[quote:ddd28355e4]Well depends what you really need the cert for. For most purposes, the cheaper certs will do the trick.[/quote:ddd28355e4]
I just need a secure site that I my clients fill the payment form. The only thing important choosing a cert that has a wide coverage I think.
On WHT forums I heard that instantsll.com coverage is wider than geotrust. Any idea about this?


[quote:ddd28355e4]
Yes this could work without a problem. Also as you are a reseller you could install it on one anonymous domain, then every account could access it using, for example,

https://secure.domain.com/~username

So its a bonus for your customers. I believe (though have never tried it) that you can also put a wildcard in for your cert. So you set the cert up for the domain https://*.domain.com, then any subdomain on that domain would also work with SSL.
[/quote:ddd28355e4]

Good idea about the bonus.

It has to be a sub-domain?
I mean only as https://secure.domain.com or https://www.domain.com would work fine as well? I think I would prefer having without a sub-domain but a sub-directory instead (like https://www.securedomain.com/~username).

And wildcards makes no sense to me since you can assign a sub-directory. Why would anybody need it if they secure the domain or a sub-domain? They can always use https://www.domain.com/~AsManyNamesAsYouWish.
Am I missing another point here?

[quote:ddd28355e4]
Hope that helps!
[/quote:ddd28355e4]

Sure it does :)

[quote:72bcc221ad]On WHT forums I heard that instantsll.com coverage is wider than geotrust. Any idea about this?[/quote:72bcc221ad]

Probable, but I shouldn't imagine that there is a very great difference. Most people use the most common browsers anyway... you'd have to do some more research I guess. WHT is a good place to start.

[quote:72bcc221ad]They can always use https://www.domain.com/~AsManyNamesAsYouWish[/quote:72bcc221ad]

Sure, just some people prefer subs. The above option, with the /~username is an easier option. :)

Best,

Jo

Great.. thanks for the help...

[quote:a12acf958f]So you set the cert up for the domain https://*.domain.com, then any subdomain on that domain would also work with SSL.[/quote:a12acf958f]

I don't suppose the SSL cert for macbeth is set up this way is it?

Graeme

[quote:6b356eb385]I don't suppose the SSL cert for macbeth is set up this way is it?[/quote:6b356eb385]

Afraid not...