ssl confusion

[monyamic]

I have tried getting an answer from support but don't seem to be getting anywhere so I am having a go here. I think it is a fairly straight-forward issue but am going set a few definitions first.

'the pop-up' - this is the warning that appears if a website (OSCommerce for instance) is operating with a shared certificate
'my domain' - my main reseller domain
'client domain' - the domain owned by a client and hosted by me.

OK. Here's the question.

If I purchase a private certificate for my domain will my client still get the pop-up on the client domain?

Thanks

Quote:

Originally Posted by monyamic

I have tried getting an answer from support but don't seem to be getting anywhere so I am having a go here. I think it is a fairly straight-forward issue but am going set a few definitions first.

'the pop-up' - this is the warning that appears if a website (OSCommerce for instance) is operating with a shared certificate
'my domain' - my main reseller domain
'client domain' - the domain owned by a client and hosted by me.

OK. Here's the question.

If I purchase a private certificate for my domain will my client still get the pop-up on the client domain?

Thanks

They wouldn't but they would have to access https through https://yourdomainname/~theircpanellogin/

make sense?

[Serra]

(Ben go in a few seconds before me, but this is what I said before I saw Ben's reply... which is much more concise.)

Try searching the forum next time, we just discussed this a few days ago.

The problem is a shared certificate goes under something like:
https://hgdomain.com/~username.

The cart or secure site goes under:

https://YourDomain.com

When you try to access the cart using yourdomain.com the security cert says, "Wait, I'm https://hgdomain.com/~username". The browser sees that it is different and issues the warning.

The private certificate will solve the problem, provided you purchase it under https://YourDomain.com and only use https://YourDomain.com as your domain. (no subdomains or add-on domains)

Serra that is wrong,

If you buy a SSL for your primary reseller domain of say "https://www.test.com", you just have to let us know you want to use it with your clients and then you can use:

https://www.test.com/~theircpanelusername/ and it will work fine, no error popup as you are accessing it through the bought domain.

Thanks, Ben

PS, the only reason our shared certificate says that is its self signed and not issued by a trusted company. Thus it pops up to say that.

And another thing, the only thing a SSL looks at is the root domain such as test.com or www.test.com, unless you bought it for a subdomain such as secure.test.com.

[monyamic]

thanks for the response. I think I am getting nearer to understanding. It is no problem sorting out the client path to https as long as once he was there no pop-up occurred. One of your help staff suggested that users are most confident when they see https//www.clientdomain.com but to be honest I think as long as it's not stuck in their face that the certificate may be dodgy (although we all know it isn't) they would be likely to miss looking at the address bar.

I would be happy to pay the $75/year + $2/month in order to prevent the pop-up occurring on all my clients' sites.

Thanks

Quote:

Originally Posted by monyamic

thanks for the response. I think I am getting nearer to understanding. It is no problem sorting out the client path to https as long as once he was there no pop-up occurred. One of your help staff suggested that users are most confident when they see https//www.clientdomain.com but to be honest I think as long as it's not stuck in their face that the certificate may be dodgy (although we all know it isn't) they would be likely to miss looking at the address bar.

I would be happy to pay the $75/year + $2/month in order to prevent the pop-up occurring on all my clients' sites.

Thanks

Yep depends on who you are targetting if it matters, usually if you offer it free for your clients eventually they will get their own if their business is doing well. Or they can start with one.

Thanks, Ben

[Stef]

Quote:

Originally Posted by GatorBen

Serra that is wrong,

What you say Ben is right: if you have an SSL for www.test.com it will work fine for the client if he uses the URL https://www.test.com/~theircpanelusername/

But what Serra said is also correct: if the SSL is for Monyamic's main reseller domain it will not work for the domain owned by a client and hosted by Monyamic (as he asked in his post), simply because it are different domains.They will have to do it the way you described or buy their own SSL cert.
It's possible the cart (or whatever app the client want to use on their domain) is designed in such a way it always goes to www.domain.com/... and not to https://www.resellerdomain.com/~cpanelusername/... In that case only a private SSL for the client can be used.

Hope this didn't cause even more "ssl confusion" for Mony.

Stef.

Ah my bad, I was confused too it seems

[monyamic]

Thanks for this discussion. My client has OSCommerce on his site which he installed using fantastico. During installation one is asked to put in the path to the secure server.

From what I understand, if I have a private certificate on my main reseller domain and the client enters (without the htts:// bit or the trailing / as per instructions) https://www.mydomain.com/~clientcpanelusername/ he will not get the pop up BUT people will see something other than his domain name in the address bar (if they care to look) and the ONLY way to avoid this is to have the client get their own private certificate for their own site.

If this is the case then getting a private certificate for my main reseller domain which can be used without the pop up seems a reasonable first step.


BTW I did search the forum but found I was going around in circles trying to get to grips with what was being said so decided to ask the question in my own way.