Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Security configuration


design-a-web

Recommended Posts

A little bit more on that:

 

For testing you can just install a self-signed certificate which is your CSR (Certificate Signing Request). If you are using a virtual host, just ask them to issue you a CSR and install it for you. You wont' need to get it signed by a CSA (Certificate Signing Authority) until you are ready to go live. This will save you a few bucks since it moves your renewal date at the CSA to when you are ready.

 

Don't worry about using your own CC info for testing purposes since the data will be encrypted using SSL regardless of whether you have it signed by a CSA or not. Your communications will be (encrypted=)protected from your or anyone else's browser to your server during the testing phase. The encryption is done via ssl (likely OpenSSL) which is an application on your server that encrypts the data as it is transmitted and decrypts it when received.

 

Tho if you are ready to go, you need to get your CSR signed by a CSA who will then give you a signed certificate after you have ponied up the bucks for it.

 

The cheapest listed CSA (http://certs.netscape.com) that I've found is www.entrust.com. You want to use one from this list to keep browsers from refusing your certificate. There are cheaper ones out there but you will likely loose more than the money it would have cost you to use a trusted CSA. If anyone has found a trusted CSA cheaper, let me know. Or if you have tried a cheaper one and it is working okay, I'd love to know who it is.

*edit*

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...