Quick SSL Certificate Question

elkdanger

elkdanger

elkdanger

Associate
Joined
11 Mar 2003
Posts
1,328
Location
North Shields
'allo

We're looking at buying an SSL certificate to handle secure transactions on our dedicated server, but I've just got a couple of questions to clear some things up.

Now, the set up that we have is we have two static IP addresses; one one IP address we host the websites, and the other we're going to host scripts that require secure access. This includes things like returning from payment integration services and so on.

So effectively we have two locations: www.exampledomain.co.uk and secure.exampledomain.co.uk. This is going to sound like a silly question, but I take it I would buy the certificate in the name of secure.exampledomain.co.uk?
 
pinkaardvark said:
Do you need to buy one, you can create your own you know if the traffic to the server is known to you and they are happy to download your self cert.
Click to expand...

Yes we did try that, but problems occured because the punters of one of our e-commerce sites were not willing to sign the certificate half the time. Half of the problem is that the site isn't built very well, but that's a whole different kettle of fish (let's not go there :D)

We've also got a project coming up that requires a 'proper' certificate which won't produce any prompts to the user.
 
pinkaardvark said:
Do you need to buy one, you can create your own you know if the traffic to the server is known to you and they are happy to download your self cert.
Click to expand...
That defeats the entire object :/

(Well - not really - but as far as joe public is concerned it does :))
 
Beansprout said:
That defeats the entire object :/

(Well - not really - but as far as joe public is concerned it does :))
Click to expand...

Maybe, but I have coded SSL solution where customer was happy to just allow us to install certificate as part of the install so didn't give a fairy puff whether it came from thawte or not.
 
pinkaardvark said:
Maybe, but I have coded SSL solution where customer was happy to just allow us to install certificate as part of the install so didn't give a fairy puff whether it came from thawte or not.
Click to expand...
Fair enough, but that's not really very good general advice - especially when you can have proper SSL certs from a tenner :)

To the original question - elkdanger - purchase the SSL cert for the domain which will need the secure access, as SSL certs (except wildcard certs) are valid only for a particular domain+subdomain combo. Short answer - you're right - secure.exampledomain.co.uk :)
 
Beansprout said:
To the original question - elkdanger - purchase the SSL cert for the domain which will need the secure access, as SSL certs (except wildcard certs) are valid only for a particular domain+subdomain combo. Short answer - you're right - secure.exampledomain.co.uk :)
Click to expand...

Thanks for clearing that up :)
 
However are the "cheap" certificates automatically accepted by the vast majority of the browsers out there?
These days anyting that asks users to click "Yes" more than once or everytime they visit a site scares them and the OP will be back to square one with regards customers not wanting to say yes to certificates.

We use Thawte for all of our certificates because to be honest they are rather reasonable.
We've got a couple for use with our Exchange webmail and GUI FTP services and currently getting one sorted out for our Media 11 content pages.
Verisign certificates are about double the price of the Thawte ones.
 
You must log in or register to reply here.
Back
Top Bottom