The host I am thinking about using for my e-commerce site (alwayswebhosting) does not allow you to use your own SSL certificate. They want you to share theirs. Is there anything wrong in doing this? If I decided to move to another host in the future, will this affect me in any way?

No. It's simply a place to run your secure data through. So long as the SSL cert isn't self-signed your users will have no problem accessing SSL-encrypted info.

What you may want to look out for:
- Professionalism. Not a big issue, but your secure stuff will likely run through an AWH domain/subdomain.
- If you leave you'll have to change links around for a new site. Usually have to do this anyways though.

Sincerely,

-Matt

There's nothing wrong with it at all. To call pages securely, we use the form of

https://servername/~username/yourfile

for our customers and it works great.

-Lamar

Originally posted by blacktegse
The host I am thinking about using for my e-commerce site (alwayswebhosting) does not allow you to use your own SSL certificate. They want you to share theirs. Is there anything wrong in doing this? If I decided to move to another host in the future, will this affect me in any way?

It sounds like they want you to not use a dedicated IP from RackShack since it cost so much ($25.00 set up and $1.00/mo each IP Address ).

If you are running e-commerce, I would highly recommend getting a private cert and not sharing. You can buy a cert and transfer it to your new host later also.

Originally posted by UmBillyCord


It sounds like they want you to not use a dedicated IP from RackShack since it cost so much ($25.00 set up and $1.00/mo each IP Address ).

If you are running e-commerce, I would highly recommend getting a private cert and not sharing. You can buy a cert and transfer it to your new host later also.
Yep. If you're serious about your business, you won't be using any shared SSL. Hit them for a dedicated IP. ;)

We're jsut the opposite. We require everyone to use their own SSL cert...

No browser warnings, No changing domains in the URL, etc..

I agree withe the "get your won" mob! If you're running an e-commerce site, you would surely rather people see the SSL certificiate in your sites name, not your hosts?

Originally posted by reseller
I agree withe the "get your won" mob! If you're running an e-commerce site, you would surely rather people see the SSL certificiate in your sites name, not your hosts?
Also, if you're running a serious e-commerce site, get your own server too. :)

Errrr won = own. Damn typos

Originally posted by reseller
Errrr won = own. Damn typos
We'll let it slip this time. But if this happens again, you know the punishment...:buck:

Originally posted by Aussie Bob

We'll let it slip this time. But if this happens again, you know the punishment...:buck:

lol whats the punishment? huh huh?

Oh not the spanking with a pentium one server again!!

-5 pts. spelling

Reminds me of high school English class.:)

If seeing any name other than your domain name on the ssl bothers you (or you think it will bother your customers), you should get your won cert. LOL

If you are not picky, use the shared.

-Lamar

:( :bawling:

A self-signed certificate may be better than using a shared one. Personally, I think self-signed certificates are great!

My "opinion" on the matter...

Self-signed certificates are free, the host's name doesn't show if you get your own IP, and the info is still encrypted, which is the main thing you should be interested in. Self-signed certificates are also more compatible and work on almost every browser. You can even put a little javascript in your SSL pages to cancel the popup.

... and I could be wrong. :(

Self-signed certs will generate a security pop up dialog though.

I see no reason why AWH won't let you buy an IP if you give them $25 set up and a yearly fee. Offer them $40 for the lot and they will sort you out, I'm sure.

Originally posted by NexDog
Self-signed certs will generate a security pop up dialog though.


I believe you can defeat the popup by adding this between the <HEAD> and </HEAD> tags in your files.

<SCRIPT language="Javascript">
onAlert=return true;
</SCRIPT>

Damn, that would be cool. If only I had time to test it......:D