More SSL questions...

[Thomas]

I'll start by saying that HG's shared SSL feature was a strong selling point for me. But the Cert warning just won't fly. Very disappointing. So now I'll be purchasing my first SSL cert. Looking for advice...

Registerfly.com is selling a "starter SSL" for $24.99. It seems to be nearly identical to thier $99 Geotrust cert, but without the recognized brand name.

Knowing that Hostgator charges $50 to install any 3rd party cert, I've had the attitude that an extra $25 is worth it to keep the eggs in one basket and go with the HG $100 package. This way, if there's a problem I won't have two companies each claiming the other is at fault.

Anyone have any opinions on this issue? I'd like to get it right the first time.

[tjs]

Quote:

Originally Posted by Thomas

I'll start by saying that HG's shared SSL feature was a strong selling point for me. But the Cert warning just won't fly. Very disappointing. So now I'll be purchasing my first SSL cert. Looking for advice...

Registerfly.com is selling a "starter SSL" for $24.99. It seems to be nearly identical to thier $99 Geotrust cert, but without the recognized brand name.

Knowing that Hostgator charges $50 to install any 3rd party cert, I've had the attitude that an extra $25 is worth it to keep the eggs in one basket and go with the HG $100 package. This way, if there's a problem I won't have two companies each claiming the other is at fault.

Anyone have any opinions on this issue? I'd like to get it right the first time.

I purchased a private cert through hostgator and I'm sharing it with my clients. I simply create a sub with their user name and give it ftp access. So long as the page linking to their form, the form itself and the thankyou page are on my server their is no mismatched ip warning. They also have to use my cgi script so there is a little extra work setting it up, but only a few minutes. Just an idea that works for me.
Tracy Smith
webhost@wichitasgateway.com

[Thomas]

That is an excellent solution. Thanks!

Question: How does this appear in the address bar when a secure page is accessed? Your domain?... Your IP + /username?...

[GatorBrent]

Quote:

Originally Posted by tjs

I purchased a private cert through hostgator and I'm sharing it with my clients. I simply create a sub with their user name and give it ftp access. So long as the page linking to their form, the form itself and the thankyou page are on my server their is no mismatched ip warning. They also have to use my cgi script so there is a little extra work setting it up, but only a few minutes. Just an idea that works for me.
Tracy Smith
webhost@wichitasgateway.com

An easier way would be to just use yourresellerdomain.com/~yourclient'scpanelname/, that should work fine, let me know if you have any problems. That way you don't have to setup an FTP and such.

Thanks, Ben

[gregw]

Why don't you just let HostGator install their comodo certificate for you? It costs $75 and includes installation. I had them do it 2 days ago and it works great! One thing: make sure you specify either www.yourdomain.com or just yourdomain.com. Whichever you choose, your secure URL link should reflect the same or you will get an ssl warning message.

Out of curiosity, why doesn't HG allow SSL installation via WHM?

[Thomas]

Okay, HGs Comodo SSL has been installed on my main account and I intend to share it. Could use a little direction before I start building....

I believe Tracy's solution involves putting all the clients secure pages, shopping cart checkouts, or what have you- in a sub under my own reseller domain. Like this? https://clientsdomain.mydomain.com/securepage.html That makes sense.

But I'm not following Ben. Does this also involve placing stuff in a sub, or is there some passthrough process that I should know about? I tried https://mydomain.com/~clientsusername/securepage.htm - no go.

Did I miss something or is a subdomain the only way to share the SSL?

Thanks for the helps!

[Stef]

Thomas,

Quote:

But I'm not following Ben. Does this also involve placing stuff in a sub, or is there some passthrough process that I should know about? I tried https://mydomain.com/~clientsusername/securepage.htm - no go.

https://yourdomain.com/~clientusername/ should work. You have to be sure though if you user "yourdomain.com" that your SSL certificates FQDN is also "yourdomain.com". If it is "www.yourdomain.com" it should be https://www.yourdomain.com/~clientusername/

Stef.

[Thomas]

Quote:

Originally Posted by Stef

Thomas,

https://yourdomain.com/~clientusername/ should work. You have to be sure though if you user "yourdomain.com" that your SSL certificates FQDN is also "yourdomain.com". If it is "www.yourdomain.com" it should be https://www.yourdomain.com/~clientusername/

Stef.

Nope, doesn't work. I get the "contains both secure and non-secure items" warning as it brings up my own 404 page.

[Stef]

Quote:

Originally Posted by Thomas

Nope, doesn't work. I get the "contains both secure and non-secure items" warning as it brings up my own 404 page.

This warning usually means exactly what is says: your pages contains secure and non-secure items.
This could be f.e. if you have an image on that page that is defined as an URL instead of a relative link. If the URL goes to http://... it is indeed a link to a non-secure page.
You could also have f.e. a header or footer included in your page that contains links to a non-secure page.
Can you check that?

Stef.

[Thomas]

Quote:

This could be f.e. if you have an image on that page that is defined as an URL instead of a relative link. If the URL goes to http://...

Thanks- you are right! My 404 page does have an image defined as a URL. But why the 404 instead of my clients site? I'm thinking, since the SSL installation I now have a dedicated IP (unlike my clients), so the link-through on the clients username can't work anymore. Make sense?

[prhost]

Quote:

An easier way would be to just use yourresellerdomain.com/~yourclient'scpanelname/

Have tried mydomain/~clientcpanelname/clientpage.htm

but the same result as Thomas. Goes to my 404 page instead of the clientpage.htm with secure status of my SSL.

[prhost]

Quote:

An easier way would be to just use yourresellerdomain.com/~yourclient'scpanelname/, that should work fine, let me know if you have any problems. That way you don't have to setup an FTP and such.

Does not work....letting you know.

[GatorJustin]

Thomas, I am forwarding this thread to Ben who should be able to provide further support. I will keep an eye on it to make sure it is not forgotten.

-Justin

[Thomas]

Quote:

Originally Posted by GatorJustin

Thomas, I am forwarding this thread to Ben who should be able to provide further support. I will keep an eye on it to make sure it is not forgotten.

-Justin

Thanks Justin,
For the record, I've gone ahead and set things up similar to what Tracy described at the beginning of the post. I made a sub on my own account that uses the clients domain name (minus the dot com), and placed the clients secure pages/scripts there. Access is like this:

https://mydomain.com/clientsname/securepage.htm

Fortunately the client is cool with having my domain name in the mix - the cost savings also helps to convince. Otherwise, sharing the SSL would be out of the question. Honestly, if he had to choose between this URL and https://mydomain.com/~clientsusername I think he would choose what he has now. Having his own domain name in there means a lot.

I should also mention that this guy, like most of my clients, is completely hands off. They don't even want to see a cPanel, much less an FTP app.

Thanks for all the input everyone!

[karz10]

Just to clarify, the original post says $50 to install thrid party cert, or $100 to acquire and install from HG directly, and another post indicated that it's only $30 to install third party cert, and only $75 to acquire and install directly from HG.

I've found the latter to be what is displayed on HG's site, were those prices lowered since the original poster inquired about previously, or is there some other reason these numbers are different?

Also, the charge for the cert itself, is that a one-time fee, or is it per year? I've seen it sold elsewhere per year, but HG's site does not specify...

Thanks,

Karsten

[Stef]

Karsten,

we sell Comodo 128 bit certificates for $75 and this includes the installation. This is for one year.
If you already have a certificate that needs to be installed there's a $25 installation fee.

Stef.

[Thomas]

Quote:

Originally Posted by karz10

Just to clarify, the original post says $50 to install thrid party cert, or $100 to acquire and install from HG directly, and another post indicated that it's only $30 to install third party cert, and only $75 to acquire and install directly from HG.

I guess I got the $50/$100 off the top of my head. Can't find those numbers anywhere. But don't forget to add another $2/month for the dedicated IP.

HG - FYI: If you go here- http://www.hostgator.com/resellers.shtml -and click on the ? next to Private SSL, it still says $30 installation.

[Stef]

Thomas,

Quote:

Originally Posted by Thomas

HG - FYI: If you go here- http://www.hostgator.com/resellers.shtml -and click on the ? next to Private SSL, it still says $30 installation.

thanks for noting this. I will forward this to the appropriate person.

Stef.

[David]

Quote:

Originally Posted by Stef

Karsten,

we sell Comodo 128 bit certificates for $75 and this includes the installation. This is for one year.
If you already have a certificate that needs to be installed there's a $25 installation fee.

Stef.

Stef,

I have never purchased/setup an SSL certificate before, so could you help explain exactly which Comodo product HG sells and installs for you? For instance the site seal at http://www.hostgator.com/ssl.shtml doesn't look anything like the site seals on http://www.trustlogo.com (run by Comodo). I'm also trying to figure out if it is the InstantSSL or InstantSSL Pro offered at http://www.instantssl.com/ssl-certif...ica&country=US (also run by Comodo). I am thinking it's probably the standard InstantSSL, but it says the site seal is not included with that type of certificate. Just kind of confusing. Thanks...

David

[Stef]

David,

as you can see on the site you mentioned there are different types of certificates like InstantSSL, InstantSSL Pro, etc. You are correct that HG offers InstantSSL. This does not include a free TrustLogo (as is with eg. Pro).
The logo you can put on your site and can find at http://www.hostgator.com/ssl.shtml is the Comodo InstantSSL Secure Site seal. You can also find it in their site's support section

Hope this clears things up a bit,
Stef.

[David]

Quote:

Originally Posted by Stef

David,

as you can see on the site you mentioned there are different types of certificates like InstantSSL, InstantSSL Pro, etc. You are correct that HG offers InstantSSL. This does not include a free TrustLogo (as is with eg. Pro).
The logo you can put on your site and can find at http://www.hostgator.com/ssl.shtml is the Comodo InstantSSL Secure Site seal. You can also find it in their site's support section

Hope this clears things up a bit,
Stef.

Stef,

Thanks for the info. Yes, I do see that site seal on their support section. Let me know if I have this straight now. The free seal that you can display with an InstantSSL certificate (sold by HG) basically validates that your site is SSL secured for financial transactions. The various Trust site seals provide realtime website identity validation (a perceived "touchy feely" for customers) in addition to the SSL secure validation in some cases. I saw one that said "SSL Secure & Authentic Site", another that was just "Authentic Site", one for "Authorized to Accept Credit Cards", and one for Partner sites.

If I'm correct so far, the only thing that still has me confused is the difference between the "SSL Secure & Authentic" and "Authorized to Accept Credit Cards" since they sound like basically the same thing to me. Another appearent overlap is with the standard HG provided SSL seal and those two as well. I guess I should just think of it as the HG seal is the base level SSL authentication, and the Trust Logos are the premium level??? Thanks for your help.

David

[Stef]

David,

that's correct. The TrustLogo delivers your credentials in realtime from the IdAuthority to your customers when they hover over it with their mouse (point to verify). It's only available with the Pro and Premium certificates. So you could indeed see the Secure Seal (for InstantSSL) and the TrustLogo's as a distinction between the different types of certs. Remember thought there's no difference in 'SSL quality' between the certs!

I have no experience with the TrustLogo's myself. Maybe you can ask them what exactly is the difference between the logo's. There should be no difference in the validation procedure to achieve the "SSL Secure & Authentic" and "Authorized to Accept Credit Cards" logo's. Maybe it's just a point of sale... Customers may be more comfortable seeing the 'Credit Cards' logo next to the 'SSL Secure' logo when they actually want to buy something...

Stef.

[David]

Thanks Stef. That makes sense. I just wanted to make sure I was not missing something here in regards to the perceived differences in levels of authentication. Since I am curious, I'm going to inquire with them and see what they say. Will post back here if I get back any useful information.

David