|
You may be able to (especially if the cert is relatively new). You'll have to generate a CSR for the new host name for sure. One other thing. If you are taking credit card payments, you should take a look at the Payment Card Industry Standards. There are lots of guidelines for handling them and one of the topics covers SSL. Matt -----Original Message----- From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx] On Behalf Of Mike Sent: Wednesday, January 24, 2007 4:53 PM To: Web Enabling the AS400 / iSeries Subject: Re: [WEB400] Question on SSL Certificates Okay... actually we use Thawe now. I can breathe easier now. But that cert is for www.ci.mankato.mn.us and not secure.mydomain.gov (can't reveal the new site yet... not hooked up). Checking with tech support now, but we can't transfer a cert from one domain to another? On 1/24/07, Walden H. Leverich <WaldenL@xxxxxxxxxxxxxxx> wrote:
Note: My boss seems against anything GoDaddy related, so that is out.Godaddy isn't a root signer -- they're selling certs signed by
valicert
which redirects to tumbleweed, so that's a slippery slope. The two I've had success w/are Verisign and Thawte. Thawte is
regularly
less expensive than Verisign, but Thawte is South African, while Verisign is American -- for a corp, not a big deal, for the government... <G> Also, be aware there is a new feature of SSL certs, called EV, or Enhanced Validation. If you're using an EV-aware browser then your address bar will be green otherwise it won't. IE7 is an EV aware browser, and I'm sure firefox, opera and safari will be soon. In any case, any 128-bit SSL cert will provide the same level of protection from hacking regardless of who the provider is (even one
you
issue yourself). The difference is the trust your users have in the cert. If you self-issue it's cheap (free), but the browser will say it doesn't recognize the Root CA in a message box, and that would scare
me.
The EV stuff provides more protection to the consumer, as they can better trust that the site is who they claim to be, but I don't think that's a big deal in your case. So... I'd go w/Secure Site Pro from verisign or SSL123 from Thawte (look at price difference!) Of course, there's also the "trust" factor, I'd gues Verisign's SSL
seal
is the most recognized, so if you're trying to put your customers mind at rest I'd go w/Verisign, but from a true security point of view they're all the same. -Walden -- Walden H Leverich III Tech Software (516) 627-3800 x3051 WaldenL@xxxxxxxxxxxxxxx http://www.TechSoftInc.com Quiquid latine dictum sit altum viditur. (Whatever is said in Latin seems profound.) -----Original Message----- From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx] On Behalf Of Mike Sent: Wednesday, January 24, 2007 3:54 PM To: Web Enabling the AS400 / iSeries Subject: [WEB400] Question on SSL Certificates We are shopping for SSL certificates but I have basically no
experience
with them. We have a site that allows citizens to pay their water bills. Looking at Verisign they have several options (
http://www.verisign.com/ssl/buy-ssl-certificates/secure-site-services/in
dex.html). Now I could go the cheap route and get the cheapest there is, but we
are
talking about a government site. I want to make sure we get what we
need
and not just the cheapest option. Note: My boss seems against anything GoDaddy related, so that is out. -- Mike Wills http://www.linkedin.com/in/mikewills Blog - http://mikewills.name Podcasts - http://theriverbendpodcast.com -- This is the Web Enabling the AS400 / iSeries (WEB400) mailing list To post a message email: WEB400@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/web400 or email: WEB400-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/web400. -- This is the Web Enabling the AS400 / iSeries (WEB400) mailing list To post a message email: WEB400@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/web400 or email: WEB400-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/web400.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.