I don't know much about SSL but I know enough that I need to have it and offer it for my customers. I heard that SSL can only be used on one domain, is this true? If it's true, should I get a 3 letter domain and use that as my SSL domain so it would be easier to type for my clients since dynamixhosting can be a pain to type. Not just that, it would also look better. I use WHM/Cpanel so if there's any other way to allow that to happen without going through the trouble please let me know. Please post your opinions and suggestions. If you're going to be rude, please don't bother ... waste of my time and others' times.

Thanks ahead of time for your time.

Maybe you should offer it with Fries?

I believe you can buy a wildcart cert that will cover your server.

Or you can have the main domain of the server with the ssl and ofer your clients a link e.g
https://securedomainonserver.com/~customer/
This would work on cpanel but dont forget that customers that use this will not be montiored by bandwidth properly.

Regards
Phillip

SSL Certificate would require a Dedicated IP address and as to how you want to structure the hostname and domain name, it is really up to you. You could set it up as 'secure.dynamixhosting.com' or registered an indepedent domain name like 'dmx.com' or 'secure.dmx.com'. As long as it is not sharing an IP address, it is okay.

Yes, it is true in theory that you need one SSL per domain name as it needs to correspond to the hostname.domain.com pipe. If you require 'dmx.com' only https://dmx.com would work with the SSL and not other links. If they do, there would be a warning which tells the user that the url is not the same as on the certificate. Not very nice to do.

The other way is if you apply the SSL for your main hostname.domain.com then you could set the other sites would work as https://hostname.domain.com/username/index.html or something like that.

Which way would you suggest that I'd take?

By setting individual SSL for your clients, it would definitely look more professional for them but each would require their own IP address. But it would not be cheap since you need one cert per customer.

If you do the sharing SSL, the only benefit is that it is cheaper.

I am not sure how the wildcard SSL works but I thought it is for same domain name but different hostname. But I am no expert in that avenue.

By the way, do you provide secured ordering form for those signing up for your plans ?

i believe "offically" if you're using a cert in that manner (ie, for many users) you're support to purchase a wildcard cert. (i think basically the SSL companied realized everyone was doing that any they thought it was a bit unfair...)

a wildcard cert (traditionally) secures a domain and all it's subdomains.

ie, you could purchase *.domain.com which would then be valid for:

https://www.domain.com
https://look.at.this.sub.domain.com

etc...

Yes I offer a secured ordering form. Which wild card would you guys suggest?

I would have thought that wildcard just means that it will offer SSL support to all subdomains of that domain only but is not paid to support multiple domains on the same server. For that you still need one SSL per site per IP.

Something like what Geotrust is offering, check the example out :- http://www.geotrust.com/true_businessid/wildcard/index.htm

I think he means to buy a regular certificate and if you want to offer "shared ssl" you could register the domain as *.domain.com instead of secure.domain.com. Then setup each subdomain for each client who wants shared ssl and great, you got a solution :) Not sure if thatll work or not but ....

sorry for the confusion, the best thing would be to ask an SSL company i suppose, but from my understanding,

if a hosting company wants to secure mutiple sites:

ie https://secure.com/~user

the SSL company will insist you buy a wildcard cert. why? not cause that makes sense (from a functionality perspective) but rather because they want to recoup some fees on you using SSL for more than one account.

ie. you could just purchase https://secure.com and use it in the above manner, but i *think* the SSL company does not approve of this sort of thing anymore...

i think also, they've taken to artificially restricting a wildcard cert to one machine.

ie. if you purcahse *.domain.com

and had:

server1.domain.com, you couldn't (officially) copy the wildcard cert onto another machine to secure server2.domain.com

anyhow, that's just how i understand it, i could definitely be wrong... :)

I'm still confused :confused:

The way I offer shared SSL is that the certificate is registered to the name and IP of the server, then all can use it using something like this:... https://192.168.1.100/~admin69/paymentpage.html Of course every domain has their own admin number. Anyway, it works good for Ensim.

Can you actually use a numeric IP address in the https:// without it warning the visitor that the same is not similiar to that of the certificate ? Because when I do that, it coughed that the 'name on the certificate is invalid or not the same'.

I wasn't aware that the SSL cert vendors allows you to register your IP address instead of your hostname.domainname. Interesting.

I'm a little confused but a lot happier since I see where you're all going with this.

I heard that it can be very easy to provide shared SSL if you provide a secure folder?? They said that the customer gets a folder in their FTP that's named 'Secure files' and they go from there ... I'm not sure if that works for Cpanel. Can anybody help me out here?

You could do anything but I guess you would need to configure httpd.conf to support the redirect for the SSL pages. I am not verse enough to advice you there but you could find the resources around to do that.

Thanks for the help guys ...