Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Questions about SSLs


marcygiff

Recommended Posts

I have several questions about SSLs.

 

1. I am plodding my way through the installation process and am on Step 4 where it has a check box "Enable SSL connections." I haven't purchased the SSL yet. Can I install w/o enabling the connections and enable them later? Should I enable them even though I don't have an SSL yet?

 

2. That being said, I am clueless about SSLs and I am wondering if I can purchase the basic SSL from Go Daddy (at 19.95/year).

 

3. Off the subject of SSLs, my client has an online credit card processing service where he will input the CC manually. I need to securely encrypt the CC number and give him the ability to decrypt it and then input it through his processor. My thought process is to log into the Admin area and decrypt the CC number from there. I haven't been able to find anything that actually says I can accomplish this. Is it possible? Is there another (better) way?

Link to comment
Share on other sites

Can I install w/o enabling the connections and enable them later?

Yes

Should I enable them even though I don't have an SSL yet?

Definitely not - unless you want to break the website.

my client

You have two posts on the forum and obviously are not used to using osCommerce, so don't you think it's a bit ambitious to sell your services to someone else at this point in time?

 

Vger

Link to comment
Share on other sites

You have two posts on the forum and obviously are not used to using osCommerce, so don't you think it's a bit ambitious to sell your services to someone else at this point in time?

 

Vger

 

Ambitious, absolutely but this is for a long time, existing website customer who wants to now add a shopping cart. He knows that I have not done this and is willing to allow me to muddle my way through it to get to his end product. I am new to osCommerce but my posts are certainly no more uneducated than many on here and it seems a lot of people are ambitiously attempting to learn and integrate this software. Isn't this where most people start and why these forums exist? My hosting company is assisting my on the server side questions/issues I have but I'm looking for help/education from those who've been where I am now. If this isn't the forum for that, can someone point me to one where I can find answers w/o judgement on what I am attempting to do?

 

Thank you for the answers to my other questions but I'm still looking for an answer to #3:

 

"My client has an online credit card processing service where he will input the CC manually. I need to securely encrypt the CC number and give him the ability to decrypt it and then input it through his processor. My thought process is to log into the Admin area and decrypt the CC number from there. I haven't been able to find anything that actually says I can accomplish this. Is it possible? Is there another (better) way?"

Link to comment
Share on other sites

it seems a lot of people are ambitiously attempting to learn and integrate this software

Yes but most of the time they are setting up stores for themselves - not clients... If you can pick it up quickly and have good web programming and design knowledge then you're fine. I've seen a few people on here with little or no background in web technologies that have taken a year or more to set their stores up...

 

Anyway -

 

"My client has an online credit card processing service where he will input the CC manually. I need to securely encrypt the CC number and give him the ability to decrypt it and then input it through his processor. My thought process is to log into the Admin area and decrypt the CC number from there. I haven't been able to find anything that actually says I can accomplish this. Is it possible? Is there another (better) way?"

If he already has an online credit card processing service - why not just plug this into OSC and have it process the numbers instantly and dump the funds straight into his bank account? If your client gets lots of orders - manually processing each number is going to be an extremely tiresome and long winded process.

 

You must encrypt the number as it goes into the database - not by logging onto Admin where it is sitting unsecured. Storing credit card numbers is extremely risky and should be avoided at all costs. See here:

 

http://www.oscommerce.com/forums/lofiversion/i...hp/t204702.html

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...