[thelist] eCommerce / Secure Cert / domain path question

Bob Meetin bobm at dottedi.biz
Sun Jul 18 10:12:30 CDT 2010

Brian White - WebHostingSolutions.com wrote:
>> A client has website abc; wishes to add abc/some_other_service and 
>> perhaps abc/some_otherservice2
>> www.abc.com
>> www.abc/some_otherservice1
>> www.abc/some_otherservice2
>> The subservices will operate, appear to operate independently. 
>> Because it's all living under the shadow of www.abc.com will the 
>> secure certificate implemented for www.abc.com work with the 
>> subservices?  Assume that the subservices will have a different 
>> look/feel, but any dollars generated end up in the same pockets.
>> -- 
>> Bob Meetin
>> dotted i
>> 303-926-0167 (home/business)
>> www.dottedi.biz/blog.php
> If the secure certificate was purchased for abc.com, then yes, 
> anything under/trailing abc.com can be secure, as long as the links 
> begin with https and of course include abc.com as the qualified domain 
> in the URL.
> Regards,

==>>>> To be clear, cert for abc.com works for https:://abc.com, not for
https://www.abc.com/.  And a wildcard cert for *.abc.com does not work for
http://abc.com/ (but *.abc.com works).  And cert for www.abc.com only works
for https://www.abc.com, not https://abc.com. <<<<==

Thanks, yes I'm reading all the messages including the ones that came after this.  Am I understand this and the following threads correctly?  Although subfolders would be secured we would still need to cover the various user connection methods?

We purchase a certificate for www.abc.com, so


are covered, but not:


If we set up redirection in the .htaccess so that:


are all redirected to http://www.abc.com, will that cover the problem?  Otherwise, would the GlobalSign handle this? This is just a bit confusing.

Another option I hadn't considered would be to set up a single master 
payment type website so that all payments get redirected. 

Bob Meetin
dotted i
303-926-0167 (home/business)

More information about the thelist mailing list