Hi. This might be the wrong forum to post this in, but I'm a little confused with what a SSl certificate is. As far as I can guess it's some way of telling your website visitors that your website is secure. But do hosts need this if they use a system such as 2checkout?

The simple rule is that you should never supply information that you consider sensitive to a non secure server.

Therefore, if you are asking your customers to provide information that they might consider sensitive, such as their home address or bank/credit card details, you should be using an SSL secure server.

As long as you are not asking your customers to provide sensitive information to your site, then you do not need a secure server yourself. 2checkout.com does use a secure server to collect sensitive data, so you either need to make sure that only 2checkout.com is collecting sensitive data from your customers, or that if you are collecting any sensitive data from your customers that you are using a secure server to do so.

Also there are two ways to get it :
1. from a worldwide provider (www.thawte.com, www.verisign.com ...) and it will be recognized by any browser and will give your clients the trust in your system
2. a server generated certificate not regognized by anyone but your server but more cheaper

Good luck :)

Your host might also provide use of their SSL as well to secure the page if needed.

Thanks. So a SSL certificate is merely a certificate to show that your server is secure, just so you have you clients knowing that your server is secure. I think I got it.

Thanks.

IE will also show a little yellow padlock in the bottom right corner of the browser to show that the page you are looking at is secure.

go to verisign's website they have extensive documentations about SSL. Once you completed reading them you can easily claim to be an internet security consultant....:)