[thelist] eCommerce / Secure Cert / domain path question
Brian White - WebHostingSolutions.com
bwhite at webhostingsolutions.com
Sun Jul 18 15:58:22 CDT 2010
>>>A client has website abc; wishes to add abc/some_other_service and
>>>perhaps abc/some_otherservice2
>>>
>>>www.abc.com
>>>www.abc/some_otherservice1
>>>www.abc/some_otherservice2
>>>
>>>The subservices will operate, appear to operate independently.
>>>Because it's all living under the shadow of www.abc.com will the
>>>secure certificate implemented for www.abc.com work with the
>>>subservices? Assume that the subservices will have a different
>>>look/feel, but any dollars generated end up in the same pockets.
>>>
>>>--
>>>Bob Meetin
>>>dotted i
>>>303-926-0167 (home/business)
>>>www.dottedi.biz/blog.php
>>
>>If the secure certificate was purchased for abc.com, then yes,
>>anything under/trailing abc.com can be secure, as long as the links
>>begin with https and of course include abc.com as the qualified
>>domain in the URL.
>>
>>Regards,
>
>==>>>> To be clear, cert for abc.com works for https:://abc.com, not for
>https://www.abc.com/. And a wildcard cert for *.abc.com does not work for
>http://abc.com/ (but *.abc.com works). And cert for www.abc.com only works
>for https://www.abc.com, not https://abc.com. <<<<==
>
>Thanks, yes I'm reading all the messages including the ones that
>came after this. Am I understand this and the following threads
>correctly? Although subfolders would be secured we would still need
>to cover the various user connection methods?
>
>We purchase a certificate for www.abc.com, so
>
>www.abc.com
>www.abc.com/service1
>www.abc.com/service2
>
>are covered, but not:
>
>http://www.abc.com
>http://www.abc.com/service1
>http://www.abc.com/service2
No. If you purchase a secure cert that allows for use both with and
without "www", you're all set.
>If we set up redirection in the .htaccess so that:
>
>abc.com
>www.abc.com
>etc.
>are all redirected to http://www.abc.com, will that cover the
>problem? Otherwise, would the GlobalSign handle this? This is just
>a bit confusing.
Yes, the Globalsign certs that we resell can handle that. There needs
to be the proper setup on the server as well, but it shouldn't
present a problem in most situations.
>Another option I hadn't considered would be to set up a single
>master payment type website so that all payments get redirected.
That's more of a "how to do business" question than a technical one.
When you first mentioned that the different services under the same
domain would "operate independently", I wondered why they'd want to
use the same domain on the purchase page for the otherwise
"independent" services. How to explain that to customers looking to
buy something on the Web site and then being taken to a different
domain for checkout?
If you do get one domain to handle only the purchase/checkout
process, you'd still want to at least try to make some kind of
connection between the businesses/services, otherwise it would be
best for each one to have its own checkout page/domain.
>Bob Meetin
>dotted i
>303-926-0167 (home/business)
>www.dottedi.biz/blog.php
Regards,
--
Brian White
President - WebHostingSolutions.com
"Because Every Click Is A Customer"
Web Hosting \ Web Design \ E-Commerce
1-888-522-3738
Please follow us on our
<http://www.facebook.com/pages/Columbus-OH/Web-Hosting-Solutions/254634746811>Facebook
page
More information about the thelist
mailing list