SSL Certificate

pd2006 · Apr 18, 2010

Hi Guys

I have a new website that I will be launching soon and on the site there is a form that can be filled in, it will contain a persons details so I want to make the site secure, how do I do this? Im using a developer from scriptlance to do the site for me and on searching sites google seem to be the cheapest ssl cert to purchase? is this easy to set up on my site or how do I go about making the site secure. Sorry if seems a dumb questions as IM not to savy on website security.

Connexions · Apr 18, 2010

Hi,

You need two things:

1. Dedicated IP address, contact your hosting provider for this. They will probably charge a small amount for month for this.

2. SSL Certificate. You can either also get this from your hosting provider, or alternatively google for them. They take a bit of setting up, but the main thing you have to do is create the 'SSL Certificate Signing Request (CSR)' - then send all the information to your host to install unless you know how to do it yourself. If you have cpanel its in there.

J-Wholesale · Apr 18, 2010

What do you mean by "person's details"? If it's just email address and name, then you don't need an SSL certificate. I'd go so far as to say if it included name and address information you wouldn't need an SSL certificate either. This information is all available in phone books and on the electoral role for anyone to read.

You only need an SSL cert if you're asking for sensitive information, which means credit card or banking information. An SSL cert for anything else is overkill.

snakeeyes121 · Apr 18, 2010

J-Wholesale said:
What do you mean by "person's details"? If it's just email address and name, then you don't need an SSL certificate. I'd go so far as to say if it included name and address information you wouldn't need an SSL certificate either. This information is all available in phone books and on the electoral role for anyone to read.

You only need an SSL cert if you're asking for sensitive information, which means credit card or banking information. An SSL cert for anything else is overkill.

Yes but will potential customers see it like that?
A lot of people wont feel safe entering even the most basic details if its not secured, and for £20 a year its hardly worth missing out on sales.

As for what one to get I would recommend Rapid SSL @ £13.70 a year or Alpha SSL @ £25.00 a year, its pointless going for the ones that cost hundreds, they all do the same thing.

http://www.trustico.co.uk/products/rapidssl/cheap-rapidssl-ssl-certificate.php

http://www.prontossl.com/alphassl

MH-Nick · Apr 18, 2010

J-Wholesale said:
You only need an SSL cert if you're asking for sensitive information, which means credit card or banking information. An SSL cert for anything else is overkill.

To add to what snakeeyes121 said, other sensitive information that you would want secured are passwords. Just because you enter a password as ●●●●●●●●● doesn't mean that's how its sent.

J-Wholesale · Apr 18, 2010

MH-Nick said:
To add to what snakeeyes121 said, other sensitive information that you would want secured are passwords. Just because you enter a password as ●●●●●●●●● doesn't mean that's how its sent.

This very forum doesn't have any security when you enter your password, and we all know that many people use the same password for everything online. For a long time even Yahoo didn't use secure pages for username and password entry. Most forums don't and nobody cares.

The average person does not think security until it comes to money. They look for the padlock before entering a credit card number or before typing their password into PayPal or their bank's website. Beyond that, they simply don't think to care.

Not an ideal situation, but the truth nonetheless.

matt4 · Apr 19, 2010

Make sure you get the correct bit. 40 bit isn't generally used any more because its entirely crackable.

128 bit is computationally unfeasible to crack. All banking sites use this encryption. 256 encryption is also available (maximum protection but costs a lot more)

Those sites sell all of the certificate types I have mentioned.

Cheers,

psmuk · Apr 19, 2010

I noticed while browsing google, pronto seem to be running an offer at the moment, very large savings on QuickSSL Premium's. After researching the Premiums they give a very high mobile browser compatibility, and 128bit, at there current price's the 3 year price seems the best deal at the moment.

Goto there main page and look at the bottom where it lists offers/promotions.

Hope someone finds this helpful

psmuk

officecore · Apr 22, 2010

Try
godaddy.com
or
Instantssl.com

Instantssl give you a 90 day trial,
I setup countless company mailservers to use https for the use of accessing webmail and windows mobile.
Getting the actual SSL is a bit of a pain as you need to jump through quite a few hoops for them to satisfy their security questions, which of course is only to be expected.
You will need to generate a CSR but all this is on either site in plain simple terms to follow, you will need to find what type of webserver your website is hosted on to be able to proceed with the certificate request. This may be your sticking point, whoever hosts your website should be able to tell you this, if someone else hosts it for you it may well be easier to get them to do the whole thing for you as they have access to everything, normally I have access to the servers so its easier to set it all up.
If you need more help just PM me,

blloyd · Apr 22, 2010

I would second the recommendation for Trustico. Their service is quick, cheap and to date, problem-free.

They also have an extensive tutorial directory for almost every web server platform out there which is very useful. Worth keeping a note of even if you do use another supplier in the end

leemason · Apr 23, 2010

If you are storing personal details do you need to register with the Data Protection Registrar?

ServWise · Apr 27, 2010

We sell Geotrust RapidSSL for only £8.42GBP/yr + vat in case you're interested.

We are also one of the best value Geotrust, SBS and Verisign retailers.

See our prices at http://www.servwise.com/en/low-cost-SSL-certificates.htm

5wire · May 5, 2011

NetConneXions said:
Hi,

You need two things:

1. Dedicated IP address, contact your hosting provider for this. They will probably charge a small amount for month for this.

2. SSL Certificate. You can either also get this from your hosting provider, or alternatively google for them. They take a bit of setting up, but the main thing you have to do is create the 'SSL Certificate Signing Request (CSR)' - then send all the information to your host to install unless you know how to do it yourself. If you have cpanel its in there.

As said, you'll need your host to generate you an SSL Certificate Signing Request, but not all SSL certificates entitle to you to the Green Bar effect as you may see on some websites when you are going through their HTTPS. GeoTrust SSL Certificates are relatively cheap if you want the "Green Bar" effect.

OliviaSSLGuru · May 17, 2011

I would like to recommended RapidSSL WildCard Certificate to make secure your entire website including sud domains. I have bough my own RapidSSL WildCard Certificate from RapidSSLonline.com and they are excellent with pricing and end to end installation process.

thomaspaul · May 19, 2011

I suggest you to GeoTrust Quick SSL Premium Certificate to make secure Domain and Sub Domain with installing of only one SSL Certificate and Secure also WWW and NON-WWW Domains Also. with easy availability of SSL Certificate

nancy_r · May 19, 2011

QuickSSL does not secure subdomain. To secure subdomain you need to purchase WildCard Certificates only.

thomaspaul · Aug 31, 2011

If There is Price Mantter Then You can Buy RapidSSL Wildcard Certificate At Very Low Price just $119 For 5 year. From TheSSLstore.com

SSLMatrix · Sep 12, 2011

nancy_r said:
QuickSSL does not secure subdomain. To secure subdomain you need to purchase WildCard Certificates only.

Definitely QuickSSL Premium Certificate does not secure subdomain. Wildcard SSL Certificate is only way to secure subdomains.

andygambles · Sep 12, 2011

QuickSSL Premium certificate can and does secure subdomains. However you must specify the exact subdomain in the SSL certificate.

For example a QuickSSL Premium can (and does) secure https://support.servertastic.com/

If you want to secure multiple subdomains with one certificate then you will need a wildcard.

Anjam · Sep 12, 2011

Wow so many suggestions of SSL providers but no one has said that an SSL certificate does not make your website/server secure. It provides re-assurance to your visitors and encrypts the data while in transit but does not make your website/webserver any more secure.

A good coder makes for a secure website.

Dominic Taylor · Sep 13, 2011

Anjam said:
Wow so many suggestions of SSL providers but no one has said that an SSL certificate does not make your website/server secure.

Donhost would disagree - their on hold message mentions (or did last time I called them a few months back):

"Is your website secure? Add an SSL for only £300 per year"

Anjam · Sep 13, 2011

Dominic Taylor said:
Donhost would disagree - their on hold message mentions (or did last time I called them a few months back):

"Is your website secure? Add an SSL for only £300 per year"

Can't argue with the Don :|

ukwebhosting · Sep 13, 2011

Hi,

To meet the expectations of all your customers you should add an SSL certificate even if your not handling payment information and only address details etc.

People do expect and are told to look for the padlock these days and they do not know or understand who handles the payment it means nothing to them they are just looking for the reassurance of the padlock.

If you meet the criteria of http://www.cabforum.org/vetting.html

And purchase any our our ssl certificates we will upgrade it to an extended validation (EV) certificate free of charge.

Thanks

Paul

kerrylinux · Sep 13, 2011

Dominic Taylor said:
Donhost would disagree - their on hold message mentions (or did last time I called them a few months back):

"Is your website secure? Add an SSL for only £300 per year"

This is clearly misinformation. A secure website (secured with a SSL certificate) can only provide two things:

a) you are connected to the server you intended to contact
and
b) all your input is transferred in encrypted form to the server.

Once your information has arrived at the server, it will be decrypted and in the worst case stored unprotected on this machine. That's why a SSL certificate alone cannot secure a website, it all depends on what the server does with your information. Have a look at a more detailed analysis of this problem.

Dominic Taylor · Sep 13, 2011

kerrylinux said:
This is clearly misinformation. A secure website (secured with a SSL certificate) can only provide two things:

a) you are connected to the server you intended to contact
and
b) all your input is transferred in encrypted form to the server.

Once your information has arrived at the server, it will be decrypted and in the worst case stored unprotected on this machine. That's why a SSL certificate alone cannot secure a website, it all depends on what the server does with your information. Have a look at a more detailed analysis of this problem.

Indeed - fortunately I haven't had to call them since we cancelled the one server we had with them which we gained due to an acquistion (we migrated all clients in-house of course). I used to enjoy listening to it whilst on hold for their 24x7 support. 45min was my record...

Cookie Consent

Essential

Analytics

Marketing

SSL Certificate

pd2006

snakeeyes121

MH-Nick

matt4

blloyd

leemason

nancy_r

kerrylinux