[Closed] Setting links for shared SSL

[pcincome]

On the faq page it says:
Q. Whats the path to the free shared ssl?

A. Take your sites ip address and add 3 to the end number. so...
if 69.93.86.2 is your sites ip then your shared ssl would be https://69.93.86.5/~yourusernamehere/

My sites IP number is http://67.18.54.205 so what I'm seeing here is to connect to a shared SSL I should use
https://67.18.54.208/~pcincome
The page I'm trying to secure is order.html so the link to a secure order form I would think then should be
https://67.18.54.208/~pcincome/order.html

It doesn't work.
(I can connect using my domain name but of course get the unsecured notice)

What am I doing wrong or where did I miss a step or is there more to be set up to use the shared SSL on any domain I set up?

Please Advise

Karen Umstattd

[GatorJustin]

I'll find out more info, but for now using your IP w/o adding the 3 to it seems to work...

https://67.18.54.205/~pcincome/order.html

[pcincome]

I just found this:

Q. Whats the path to the free shared ssl?

A. We need to activate the shared ssl on each site manually that will require it. Please e-mail us to do get a site activated.

(I will send an email now)

Can you please clarify something for me.

Does this mean that each domain I set up under my reseller package that has a secure page will need to have the shared ssl activated, individually, on each domain OR, does this mean each RESELLERS package will need to have this set up manually?

I currently own an SSL but wasn't planning to move it. I'm a little confused on how shared ssl would work for me if I owned my own SSL and used it on other sites. Can I do that? Can I share my own ssl instead of the hostgator shared ssl? Right now, before I move things over, I am hosting subdomains on my current domain so shared ssl wasn't a question and that's why I'm confused. I do NOT want to purchase an SSL for each domain I host.

I'm just trying to understand the best and most convenient way for me to do this.

Thanks
Karen

[pcincome]

I hope I can get some clarity on something here.

I heard back from support and they told me to use the same link you gave me and my problem is, when using that link, the Security Alert box pops up. I don't like that box :|

In doing some research, this is what I've learned about that box:
If the certificate can be authenticated by a trusted certificate authority, the secure page will come up automatically.

If you connect to a secure server authenticated by an authority not included in your browser's list, or if any of the information does not match, or, in some cases, if you have an old browser that needs an update, you may get a security warning.

Using this link as I was given for shared SSL, the certificate shows it was issued BY secure2.websitewelcome.com which is not a recognized authority for the majority of surfers. (doesn't look right to me)

If this information is indeed correct, then from what I've read, I won't be able to stop that Security Alert box from coming up.

So, my question is, am I wright or wrong in what I'm seeing/thinking. Is who I see listed (secure2.websitewelcome.com) as this issuer correct?

If I am right, then I can't use the shared SSL (it's very unprofessional having the security box pop up) and need to work towards other options in using a secure page.

Also, the serial number for this certificate is 00.

This is the only thing holding me up from completing my move.

Karen Umstattd

[Stef]

Hi,
I'm on http://67.18.52.95/.
Using https://67.18.52.95/ show me a certificate issued by secure3.websitewelcome.com, (like secure2 in your case). This is indeed not a correct certificate.
When I go to https://67.18.52.98/ however, as the procedure in the FAQ describes (add 3), I indeed get a "Equifax Secure Certificate Authority" certificate. Details show Geotrust QuickSSL, so this is correct.

(Remark: I don't know what's the relation between GeoTrust and Equifax).

Bye,
Stef.

[pcincome]

Hi Stef, thank you for your feedback.

This is what I got from support so far after I realized there has to be something wrong with what I'm doing or the certificate itself.

"There is a small problem with the ssl certificate on the server. We will fix the issue and let you know."

I suppose this is why I can't link with the +3 IP as instructed on the faq page.

Karen

[JPlatinum]

I don't know why, but for me, the shared SSL is IP + 2 instead of + 3... everything works if I add 2 instead of 3.

See for yourself!

Unsecured:
http://67.18.2.226/~jayse/test.html

Secured:
https://67.18.2.228/~jayse/test.html


Hope this helps someone.

--JD

[pcincome]

From: "Hostgator Support Team" <support@hostgator.com>
Sent: Wednesday, May 26, 2004 8:45 PM
Subject: [HGSupport #ABS-15466-137]: ssl

You get this error because it's a shared ssl. For there ot be no warning you would need a private ssl that's created specifically for your domain.

I don't know if I'm happy with this response. Sounds like an easy way out to me. I may not be an expert at all of this hosting stuff but anyone can see the certificates are not set up properly.

So, does anyone know WHO authorized these certificates for all these different IP's? It appears that each certificate shows the IP as the authorizor of the certificate.

You know, I decided to give hostgator a chance because of this forum and as I read the pros and cons of this support forum, I hesitated on whether or not I was making the right choice. I read horror stories about the quick, unrelational responses from the support department and it is because of the lack of support and the host I am currently with that I even considered a move............................

JPlatinum -
When I click your link https://67.18.2.228/~jayse/test.html I get the security warning as well. Well I click the lock icon to read the certificate, it also shows a serial number of 00 and this one shows it was issued by sitenotexit.com which would be the server YOUR on. Should you decide to link to a shared ssl on your server, your users will also get the security warning. That may scare people away.

[gameutopia]

You are right everyone that posted what they said were ssl ip's do infact bring up the invalid or wrong certificate box. Possibly they clicked on install the certificate/trust the certificate at one point or other so it is on there computer as trusted.

I agree I don't like the idea of the invalid/wrong box popping up either. It would definately scare or discourage users.

You can purchase your own ssl's pretty cheap from third party providers that are affiliated with the big company's. Try www.freessl.com I think there entry level one is something like $39, however even at this price hostgator wants some kind of fee to install it for you. They don't let you access this part of whm the way they have it set up, which is too bad. If they gave you access to this feature, it's a simple few clicks to generate a few codes that you give the certificate provider. Then the ssl provider gives you a few codes and you go back to whm and enter them. Not all of them are that simple to install but the entry level one from freessl is.

There are some others out there for around $49 too.

Fee's are yearly.

I'll be watching the board to see if anything becomes of the shared ssl, with no invalid/popup host gator is supposed to provide.

Incedently some of the other providers I've had did the same thing.

Some of your ssl links were:
https://www.yourdomain.com:2096 = webmail
https://www.yourdomain.com:2087 = whm
https://www.yourdomain.com:2083 = cpanel

you can also do like:
https://www.yourdomain.com:2083/horde/index.php etc for direct mail program. You can also do similar for squirrel or neo mail, however you always get the certificate popup.

I simply want to be able to login to my mail without getting the invalid certificate warning.

GameUtopia

[sonic]

Quote:

Originally Posted by pcincome

You get this error because it's a shared ssl. For there ot be no warning you would need a private ssl that's created specifically for your domain.

I don't know if I'm happy with this response. Sounds like an easy way out to me. I may not be an expert at all of this hosting stuff but anyone can see the certificates are not set up properly.

So, does anyone know WHO authorized these certificates for all these different IP's? It appears that each certificate shows the IP as the authorizor of the certificate.

Hi, I am a reseller on the escape server. I believe Hostgator themselves authorized the shared certificates, giving all users a cheap way to securely (SSL) communicate. Shared ssl certificates are not meant to replace private ssl certificares. If you want no warnings to appear in front of your users, then you have to buy a private certificate, one certificate for EACH domain you want to secure. It is how ssl certificates are designed to work: An ssl certificate is tied to ONE domain name. However, if you want to communicate with people who know who you are, then you can use the shared ssl Hostgator is offering.

Hope that helps

[pcincome]

When I asked who authorized this certificate, what I was asking was what company did they purchase the ssl through. ie: verisign, geotrust, commado etc

I think this forum here http://www.webmasterworld.com/forum22/1973.htm explains more clearly what I myself was trying to understand. If this be the fact as to why the security box pops up, then there is nothing wrong with the certificate, just not one I care to use as it's not professional in my opinion.

If this is the case, I also don't think it's fair to offer shared ssl since it seems I can do the same thing myself and it's not a true ssl from a trusted authority as I assumed.

I currently host with two other companies (one if which I am moving from) and with one company, I own my own certificate, with the other I use a shared ssl. With the shared ssl, there has never been any issues with a security warning box coming up and trying to understand why it came up here but not there, telling me it's because it's a shared certificate didn't make sense. From what I've read, although it's still secure, it appears the shared ssl's are self signed ssl's.

Karen

[GatorJustin]

I'm closing this at the request of the topic starter.