- Now hosting over 2,200,000 domains!
|
#1
05-29-2004, 07:02 AM
|
|||
|
|||
This subject or support issue can be closed for me as I opted to cancel my account since it seemed I wasn't going to be able to use a shared ssl as I first assumed I would. When I submitted my refund request, I wasn't too happy with the response I got from the support department or whom ever it comes from.
I also think it should be made clear to those who come here with the intention of using the shared ssl that because of the way it is issued, the security warning box will pop up. A shared ssl does NOT require a security warning pop up box and I think whom ever runs this show should look into the support and response I received because unfortunately, it does reflect on this whole domain. I have put up two links that run off a shared ssl and as you can see, neither link causes a pop up security box. (the response from the support department is also on this page) https://elpis.safe-order.net/gateway...sharedssl.html https://207.228.240.6/shb7_140/gatew...sharedssl.html (as of this message, still waiting for domain to propagate) Thank you for your time Karen
__________________
Hakuna Matata Means life without worry. In order to find it, you must be willing to look beyond what you see. ~~Rafikki - Lion King 1 1/2~~ 
|
|
#2
06-11-2004, 09:11 AM
|
|||
|
|||
|
I completely agree. It's ridiculous the "Shared SSL" certificate is not valid. I run sites for other organizations using different hosting company with a "shared ssl" certificate and it works terrific.
It's true, the URL does not show the domain (only a private SSL shows the domain) -- but at least the certificate is valid. HostGator just needs to create a valid SSL for their web servers!? This is not a difficult task. why not get valid SSL for http://lexus.websitewelcome.com, etc?? Then I could point https://lexus.websitewelcome.com/hom...ml/pagexxx.php i get a funny URL but a valid SSL.
|
|
#5
07-12-2004, 12:59 AM
|
||||
|
||||
|
I'll see if I can get the bossman to stop by and offer an update on this.
|
|
#6
07-13-2004, 12:02 PM
|
|||
|
|||
|
I'm disappointed that the shared ssl is incorrectly implemented to the point of being absolutely no use. My clients are often small businesses, non-profits, and artists who just need to send the results of a sign-up form or the occasional order securely, so the shared ssl can be a good option.
Not only do you get the security warning, but the info on the certificate is alarming enough that I wouldn't disclose my pet's name, much less anything of a more sensitive nature, nor would any cautious person. (half the point of ssl is to assure the customer that their info is safe...) Issued by / to info on ssl: email: = test@sitenotexist common name: = sitenotexist.com OU = Test Organization: = My Company Ltd C = USHello, Equally disturbing is the weak support : One sentence canned, knee-jerk responses to detailed questions, i.e.: >Yes the shared SSL certificate is a self-signed one so you get the >warning. >Please feel free to contact us if you have any more queries. ========================================= >If you dont wish to get such warning you will have to purchase dedicated >SSL certificate for your Domain for that kindly check out: >http://www.hostgator.com/resellerssl.php Bottom Line: Hostgator should remove the shared ssl from the features checklist, as it is of no use in it's present implementation. Anyone considering hosting here should add at least $99/year ($75 cert & $2/mo. dedicated IP) to the cost of the plans if you were planning to use the shared ssl, as you'll have to buy your own to get an acceptable solution. At that price, some of the other hosting options look pretty good. William
|
|
#7
07-14-2004, 03:03 PM
|
|||
|
|||
|
Hmmmm, disappointing indeed. I just left a prior host and one of the reasons was the annoyance of his self-signed certificates. Conversely, one of the reasons for my signing up with Hostgator was (I thought) the availability of a semi-transparent, shared SSL.
I see it's been about 1 1/2 months since the original post and apparently nothing has been done to rectify the situation. Not very promising. Hostgator should provide a link to a page just like the first poster did demonstrating how their "shared" SSL functions. If that is what they are advertising as a selling point there should be no reason not to let people make an informed decision. ~JCK
|
|
#9
07-14-2004, 11:42 PM
|
||||
|
||||
|
Does anyone know of a free SSL issuer who's certificates never expires and is a wild card? If so, then perhaps we can move onto a new type of shared SSL.
Right now, if we wanted to get a trusted shared SSL per server, it would be around $500/yr. Less than a dozen users per server actually use shared SSL, not to mention we'd have to keep up on the renewing of them every year and most likely would forget. For those looking to do ecommerce in the most professional manner, will never use a shared SSL to begin with. So, we are left with what we have now. Those who need a shared SSL can have one, and those looking to do it in the most professional manner, can purchase a private SSL. We are open to suggestions, so if anyone has a better idea, please let us know. Additionally, we will (for a limited time only) offer a $25 discount on the purchase of a private SSL for anyone that mentions this post. This would lower your cost from $75 to $50.
__________________
Gators love marshmallows.
|
|
#10
07-15-2004, 12:15 AM
|
|||
|
|||
|
Quote:
Granted, it's the client's problem and maybe they'll have to pony up the dough for a private SSL, but I think what is advertised is a little different than what is delivered as far as one's expectations and understanding of a shared SSL. That being said, thank you for your time and willingness to listen to suggestions. I think you offer a great package and hate to pick fly sh*t out of sugar. And, I am far from literate when it comes to the topic of SSL, etc. Maybe it would be an option to provide people with the choice, when signing up, if they want a shared SSL for a couple bucks-a-month extra and house those accounts on one or two servers. I suppose that may cause some administrative headaches, but maybe it's a thought in the right direction.
|
|
#11
07-15-2004, 02:16 AM
|
|||
|
|||
|
Well, I agree with jaskraft's comments, including the overall praise of hostgator's package. That's certainly why we're here.
I'm not a ssl expert - I just know that my old host offered a free "wrap-around" ssl that didn't produce the warnings. The usage was "https://servername.hostname.net/secure/mydomain.com/mydir/mystuff.htm" Don't know it that's of any help, but it seems that they had a way of allowing multiple users on that server to utilize the secure directory... no idea what they paid for it, of course. The certificate provider was Equifax Secure, Inc. Don't know of any "freebies" - freeSSL is free... unless you want it for more than 30 days <grin>. OpenSSL ? Over my head. Must be an ssl guru around here somewhere. Nobody in-house? With that many geeks in one building? Does anyone know: if I register a domain or subdomain and get a ssl for it, can I allow clients to use it without generating errors? What bothers me is that I tried to carefully research as much as I could before signing on, and the ssl page specifically said that the only difference between shared ssl and dedicated ssl was that the address for a dedicated ssl looks more professional, since it points to your domain name, not a wrap-around. I feel that that was a misleading statement, because the actual difference is far more substantial. I also reacted a bit to the statement "not to mention we'd have to keep up on the renewing of them every year and most likely would forget" By the way, have you renewed your domain name this year? <humour> Seriously, though, I suspect that there is a cost-effective and error-free solution out there with a little research/networking. William
|
|
#12
07-15-2004, 11:00 AM
|
|||
|
|||
|
Check this out:
http://www.freessl.com/ssl-certifica...-products.html Again, I'm not an SSL guru, but it looks like the ChainedSSL Wildcard offered here would provide the needed functionality and transparency for half as much as Gator_Support stated they could get it for. 3 years for $748. Plus, a three-year certificate somewhat negates the "forgetting to renew" issue... :roll: Even if only a dozen people per-server utilize it, that's less than $2 per acount using Shared SSL ($2 X 12 accounts X 12 mos. X 3 yrs = $864), per month that would be needed to recoup the cost (and then some). Surely there's a way to institute some-sort of system in which that could work to everyones benefit. ~JCK
|
|
#13
07-17-2004, 06:46 AM
|
|||
|
|||
|
I fully agree with the post about the advertising of shared ssl. One of my primary reasons for selecting this host was the shared ssl. And yes it is virtually useless as it now stands.
I am a moron about the technicalities of ssl. However I do have private ssl on one site, not yet hosted here. I found the hosts didn't know what they were doing either and I had to fiqure a few issues myself to get it working. So that being said... Couldn't those who want shared ssl be on the same server? Hostgator could charge the bit extra a month and then it would pay. I'd cetainly be willing to pay that extra $ previously suggested for this. It's hard to make a living on the web and many want to test various site ideas etc. without another cost. Also, as mentioned above, the sites with only occassional secure needs. How long does the $50 for private ssl stand  Jeff
|
|
#14
12-14-2004, 12:31 AM
|
|||
|
|||
|
Re: More on shared ssl and security warning pop up
Hi, I agree what everyone is saying here as well. I don't think it's fair to advertise the only difference between shared ssl and dedicated ssl is the URL!! That's just not true.
I now have to decide whether or not to dish out an extra $99 a year or not  . I wouldn't care nearly so much if you guys had of made it clear. and you really should've fixed it up in the last 6 months!Hope you think about this seriously because from what i can tell so far, this is an honest company who cares abour its customers, which makes this seem so strange.
|
|
#15
12-15-2004, 03:27 AM
|
|||
|
|||
|
Re: More on shared ssl and security warning pop up
I think this is a 2 way argument....
Host gator said they provided shared SSL, they never said (that i have seen) that this was issued from a trusted root. However, when you see SSL you kinda expect that it will be issued by a trusted root. Hostgator: It might be worth you getting a chained SSL, there only $175 a year at the moment, which isnt that much really. If i remember rightly you can buy them in 10 year blocks, yeah that will be $1750 for this year, but you dont have to think about renewing it for 10 years! It also might be worth having a word with who answered karens refund request. They said "I'm sorry we weren't able to do the impossible for you.", to me that just makes hostgator sound like idiots, to be blunt, its not that its not possiable, its that you wouldn't put your hands in your pockets. Everyone Else: In reality a un-trusted root isnt any less secure than a trusted one, its still SSL, and SSL is SSL and hostgator said that they would provide shared SSL, not that they would provide shared SSL from a trusted root. So really that issue is that you (as did i) assumed it would be a trusted root. But you know what they say assume makes and 'ass' out of 'u' and 'me' The data to the server will still be encrypted Just my 2cents --MATT
|
|
#16
12-15-2004, 05:20 PM
|
||||
|
||||
|
Re: More on shared ssl and security warning pop up
I wasn't aware of this issue since I haven't tried to use it yet. I think the primary purpose for having ANY sort of SSL on a site is for perceived security on the part of the sites customers. If the shared is still working as stated above, there will be no perception of a secure environment.
Can someone clarify if the $25 discount still stands or if the issue has been resolved? Also, does anyone have any experience with the Comodo/InstantSSL reseller program? I'm assuming one would need a dedicated server to take advantage of something like that. David
|
|
#17
12-16-2004, 02:21 AM
|
|||
|
|||
|
Re: More on shared ssl and security warning pop up
It also might be worth having a word with who answered karens refund request. They said "I'm sorry we weren't able to do the impossible for you."
- That's very poor, that person needs proper training on dealing with paying customers. Everyone Else: In reality a un-trusted root isnt any less secure than a trusted one, - True, but 99% of punters out there don't know that. As soon as they get a warning pop-up as they are reaching for the credit card in their back pocket they will panick and close their browser, never to return to your site. As is, the shared SSL is worthless in my opinion.
|
|
#18
12-16-2004, 04:06 AM
|
|||
|
|||
|
Re: More on shared ssl and security warning pop up
Quote:
The problem as i see it in this thread is that people are saying that hostgator are not providing shared ssl, they are providing, just not to the standards that you expected. No where do they say that there shared ssl is a trusted root. --MATT
|
|
#19
12-16-2004, 12:21 PM
|
|||
|
|||
|
Re: More on shared ssl and security warning pop up
Quote:
No-one has said that HG tried to tell them the SSL came from a trusted root. It is however, a little disingenuous to have a Shared SSL certificate that turns out to be more or less unusable (as a reseller, have you managed to sell space to an eCommerce customer who is happy to have this warning pop-up when his customers try to buy from him - I doubt it, good luck to you if you have).
|
|
#20
12-16-2004, 06:11 PM
|
|||
|
|||
|
Re: More on shared ssl and security warning pop up
Quote:
"Q. What is the difference between shared ssl and private ssl? A. A shared ssl displays as https//ip/~yourusername/ A private ssl would display as https://www.yourdomain.com in the address bar." And that's it. To me that sounds a lot like the only difference between a shared ssl and a private ssl is the url. So for me, reading that before i signed up to my package, i sure as hell thought i'd be getting a shared ssl signed by a trusted root! personally i think i was misled (probably unknowingly, but hostgator should definately edit their faq page)
|
|
#21
12-17-2004, 03:27 AM
|
|||
|
|||
Re: More on shared ssl and security warning pop up
Quote:
However, i do agree that hostgator should make it more clear that its untrusted, or buy a trusted one. Quote:
Im not trying to defend hostgator, nor am i trying to get at them. Im trying to show both side of the argument, as really i dont think either is right. Host gator provided what they said they would provide, however they didnt make it clear it wasnt what you expect during signup. --MATT
|
 |
| Bookmarks |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
|
|
All times are GMT -6. The time now is 01:24 AM.