SSL Cert issues

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts
  • OMcHale
    Corporal

    • Oct 2010
    • 13

    SSL Cert issues

    I've had the SSL cert that comes with the Vodahost Extreme Package installed on my site, but it seems that pages with content which connects to 3rd party websites (and do not have the https in their address) prevent that single page from being encrypted.

    I'm new to SSLs so please forgive my simple question, but is that not what the SSL is for. The pages that are not being encrypted are the very pages that NEED to be. The sites that are causing the issues are Paypal and Skype and Screencast. Screencast doesn't have encryption so I'll have to consider embedding the videos that I have instead of streaming them, but the other 2 sites are protected.

    I'm really anxious to hear what anyone has to say about this, and how I might get around the problem. I want to have a very strong security element to the site to build customer confidence.

    Thanks in advance for any thoughts on this.

    Owen
  • Vasili
    Moderator

    • Mar 2006
    • 14683

    #2
    Re: SSL Cert issues

    Your understanding of SSL Certificates is altogether incorrect.

    SSL Certs are installed on websites that process transactions within the website itself, as if you would having an independent Merchant Account applied to a Shopping Cart system like osCommerce, Soholaunch, ZEN Cart, or the like. SSL is short for 'Secure Sockets Layer' which as a 'coded-Keys device' provides a manner to encrypt the single-session exchange of information between the site, User browsers, and the server, a step all transactions are based upon, and does not "protect" site contents, "encrypt pages," or have anything to do with system integrity: SSL Certs are not used to imply "confidence" to Users or Visitors to websites other than to assert the information they might submit to make a transaction is in fact encrypted and properly secured from widespread access or unauthorized distribution. This is why particular attention is given to the details of the Privacy Policy and Transaction Policy for sites actually processing transactional (personal) information, in accordance to SSL protocols and various legal compliances.

    The fact you are using PayPal is indicative of the need for SSL "secure sites" to process transaction within, and PayPal provides it's own secure environment to do this, independent of any such assertions you make or imply with or without an SSL. If you are using PayPal for transactions (to sell, or receive money), there is absolutely no reason for you to have an SSL Cert installed on your site whatsoever .... you would be better off having a "Site Verify," "eTrust," or an interactive banner link to the Better Business Bureau or something like that, either of which offers Visitors the feeling that the site owners have been checked out and subscribe to the ethics and organizations that are deemed worthy.

    Same thing for Skype and Screencast .... Visitors who opt in for this service/connection go to the Skype or Screencast page which is itself a secured site, not dependent on whatever means you have attempted to provide "secure" status. Participants must log in to the secured service, etc.

    Were I you, I would remove the SSL Cert that is useless and dysfunctional (if not causing conflicts) and replace them with other viable site ID's that make sense. If you leave the SSL Cert on your site, it only will amount to an "inferrance" that any email submitted via your site may be more protected, that's all. Having a "Site Verify"/"eTrust"/"Validated Site" or "Owner Confirmed" type interactive banner would be more beneficial, and actually more favored by the Search Engines and now even browsers as they look for outside links and connections to determine site validity and 'certification' before any additional relevancy metrics are attributed ....

    You would also do well to do a little background study (Google Searches) on SSL Certs and the proper uses of them, and also on Website Security protocols and measures.
    . VodaWebs....Luxury Group
    * Success Is Potential Realized *

    Comment

    • OMcHale
      Corporal

      • Oct 2010
      • 13

      #3
      Re: SSL Cert issues

      Thanks for the detailed answer Vasilli.

      Comment

      • Vasili
        Moderator

        • Mar 2006
        • 14683

        #4
        Re: SSL Cert issues



        .... and on we go!
        .
        . VodaWebs....Luxury Group
        * Success Is Potential Realized *

        Comment

        Working...
        X