× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. WEB400
  3. January 2007

Re: Question on SSL Certificates

You may be able to (especially if the cert is relatively new). You'll
have to generate a CSR for the new host name for sure. One other thing.
If you are taking credit card payments, you should take a look at the
Payment Card Industry Standards. There are lots of guidelines for
handling them and one of the topics covers SSL.

Matt 

-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx]
On Behalf Of Mike
Sent: Wednesday, January 24, 2007 4:53 PM
To: Web Enabling the AS400 / iSeries
Subject: Re: [WEB400] Question on SSL Certificates

Okay... actually we use Thawe now. I can breathe easier now. But that
cert
is for www.ci.mankato.mn.us and not secure.mydomain.gov (can't reveal
the
new site yet... not hooked up). Checking with tech support now, but we
can't
transfer a cert from one domain to another?

On 1/24/07, Walden H. Leverich <WaldenL@xxxxxxxxxxxxxxx> wrote:



Note: My boss seems against anything GoDaddy related, so that is out.


Godaddy isn't a root signer -- they're selling certs signed by

valicert

which redirects to tumbleweed, so that's a slippery slope.

The two I've had success w/are Verisign and Thawte. Thawte is

regularly

less expensive than Verisign, but Thawte is South African, while
Verisign is American -- for a corp, not a big deal, for the
government... <G>

Also, be aware there is a new feature of SSL certs, called EV, or
Enhanced Validation. If you're using an EV-aware browser then your
address bar will be green otherwise it won't. IE7 is an EV aware
browser, and I'm sure firefox, opera and safari will be soon.

In any case, any 128-bit SSL cert will provide the same level of
protection from hacking regardless of who the provider is (even one

you

issue yourself). The difference is the trust your users have in the
cert. If you self-issue it's cheap (free), but the browser will say it
doesn't recognize the Root CA in a message box, and that would scare

me.

The EV stuff provides more protection to the consumer, as they can
better trust that the site is who they claim to be, but I don't think
that's a big deal in your case. So... I'd go w/Secure Site Pro from
verisign or SSL123 from Thawte (look at price difference!)

Of course, there's also the "trust" factor, I'd gues Verisign's SSL

seal

is the most recognized, so if you're trying to put your customers mind
at rest I'd go w/Verisign, but from a true security point of view
they're all the same.

-Walden


--
Walden H Leverich III
Tech Software
(516) 627-3800 x3051
WaldenL@xxxxxxxxxxxxxxx
http://www.TechSoftInc.com

Quiquid latine dictum sit altum viditur.
(Whatever is said in Latin seems profound.)


-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx]
On Behalf Of Mike
Sent: Wednesday, January 24, 2007 3:54 PM
To: Web Enabling the AS400 / iSeries
Subject: [WEB400] Question on SSL Certificates

We are shopping for SSL certificates but I have basically no

experience

with
them. We have a site that allows citizens to pay their water bills.
Looking
at Verisign they have several options (


http://www.verisign.com/ssl/buy-ssl-certificates/secure-site-services/in

dex.html).
Now I could go the cheap route and get the cheapest there is, but we

are

talking about a government site. I want to make sure we get what we

need

and
not just the cheapest option.

Note: My boss seems against anything GoDaddy related, so that is out.

--
Mike Wills
http://www.linkedin.com/in/mikewills
Blog - http://mikewills.name
Podcasts - http://theriverbendpodcast.com
--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.


--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.