Jump to:

113 Posts in 224 Topics by 53 members

Payments and Payment Gateway / APIs

SilverStripe Forums » Payments and Payment Gateway / APIs » Is shared SSL okay of ecommerce?

This is a forum for discussing SilverStripe can-do payments and their APIs / Gateways.

Moderators: martimiz, Sean, Normann, biapar, Willr, Ingo, swaiba, simon_w

Page: 1
Go to End
Author Topic: 1944 Views
  • Eco
    Community Member
    15 Posts

    Is shared SSL okay of ecommerce? Link to this post

    Is shared SSL secure enough for pages where credit card details are recorded, or should I splash out on a dedicated SSL certificate?

  • marblegravy
    Community Member
    19 Posts

    Re: Is shared SSL okay of ecommerce? Link to this post

    I'm also curious on what the advice on this question is. New to eCommerce in general and SSL is one of those big unknowns.

  • Jedateach
    Forum Moderator
    227 Posts

    Re: Is shared SSL okay of ecommerce? Link to this post

    In my slowly increasing understanding, all SSL certificates are just as secure, or similarly secure, with the main difference being how many bits are used in the private/public keys.

    A shared key should work fine, but I believe if the domain the key is registered for does not match your own domain, users will be presented with a message to say that the keys do not match, and you need to decide to trust the site or not. This is pretty much the same as a self-signed key, meaning you generate one yourself, and install that.

    I believe the best option is to go for a cheap key (~$100USD/year), just to get rid of the warning message, and that should be enough to keep data secure. Where you start getting expensive, is when you get your certificates from big name authorities like VeriSign. I think you are just paying to be verified by them, and part of their 'network of trust'.

    Anyone feel free to correct me if this isn't quite right.

Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.