Results 1 to 18 of 18
  1. #1

    Question Sharing an SSL certificate?

    The host I am thinking about using for my e-commerce site (alwayswebhosting) does not allow you to use your own SSL certificate. They want you to share theirs. Is there anything wrong in doing this? If I decided to move to another host in the future, will this affect me in any way?

  2. #2
    Join Date
    May 2002
    Location
    Edmonton, Canada
    Posts
    978
    No. It's simply a place to run your secure data through. So long as the SSL cert isn't self-signed your users will have no problem accessing SSL-encrypted info.

    What you may want to look out for:
    - Professionalism. Not a big issue, but your secure stuff will likely run through an AWH domain/subdomain.
    - If you leave you'll have to change links around for a new site. Usually have to do this anyways though.

    Sincerely,

    -Matt

  3. #3
    Join Date
    Sep 2001
    Location
    Texas
    Posts
    878
    There's nothing wrong with it at all. To call pages securely, we use the form of

    https://servername/~username/yourfile

    for our customers and it works great.

    -Lamar
    Going out of business in our 10th year.

  4. #4
    Join Date
    Nov 2000
    Location
    San Diego
    Posts
    3,407

    Re: Sharing an SSL certificate?

    Originally posted by blacktegse
    The host I am thinking about using for my e-commerce site (alwayswebhosting) does not allow you to use your own SSL certificate. They want you to share theirs. Is there anything wrong in doing this? If I decided to move to another host in the future, will this affect me in any way?
    It sounds like they want you to not use a dedicated IP from RackShack since it cost so much ($25.00 set up and $1.00/mo each IP Address ).

    If you are running e-commerce, I would highly recommend getting a private cert and not sharing. You can buy a cert and transfer it to your new host later also.

  5. #5
    Join Date
    Feb 2002
    Location
    Australia
    Posts
    24,009

    Re: Re: Sharing an SSL certificate?

    Originally posted by UmBillyCord


    It sounds like they want you to not use a dedicated IP from RackShack since it cost so much ($25.00 set up and $1.00/mo each IP Address ).

    If you are running e-commerce, I would highly recommend getting a private cert and not sharing. You can buy a cert and transfer it to your new host later also.
    Yep. If you're serious about your business, you won't be using any shared SSL. Hit them for a dedicated IP.
    AussieHost.com Aussie Bob, host since 2001
    Host Multiple Domains on Fast Australian Servers!!

  6. #6
    Join Date
    Jan 2002
    Location
    San Diego, CA
    Posts
    84
    We're jsut the opposite. We require everyone to use their own SSL cert...

    No browser warnings, No changing domains in the URL, etc..

  7. #7
    Join Date
    Jul 2002
    Posts
    288
    I agree withe the "get your won" mob! If you're running an e-commerce site, you would surely rather people see the SSL certificiate in your sites name, not your hosts?

  8. #8
    Join Date
    Feb 2002
    Location
    Australia
    Posts
    24,009
    Originally posted by reseller
    I agree withe the "get your won" mob! If you're running an e-commerce site, you would surely rather people see the SSL certificiate in your sites name, not your hosts?
    Also, if you're running a serious e-commerce site, get your own server too.
    AussieHost.com Aussie Bob, host since 2001
    Host Multiple Domains on Fast Australian Servers!!

  9. #9
    Join Date
    Jul 2002
    Posts
    288
    Errrr won = own. Damn typos

  10. #10
    Join Date
    Feb 2002
    Location
    Australia
    Posts
    24,009
    Originally posted by reseller
    Errrr won = own. Damn typos
    We'll let it slip this time. But if this happens again, you know the punishment...
    AussieHost.com Aussie Bob, host since 2001
    Host Multiple Domains on Fast Australian Servers!!

  11. #11
    Join Date
    Nov 2001
    Posts
    1,262
    Originally posted by Aussie Bob

    We'll let it slip this time. But if this happens again, you know the punishment...
    lol whats the punishment? huh huh?

  12. #12
    Join Date
    Jul 2002
    Posts
    288
    Oh not the spanking with a pentium one server again!!

  13. #13
    Join Date
    Sep 2001
    Location
    Texas
    Posts
    878
    -5 pts. spelling

    Reminds me of high school English class.

    If seeing any name other than your domain name on the ssl bothers you (or you think it will bother your customers), you should get your won cert. LOL

    If you are not picky, use the shared.

    -Lamar
    Going out of business in our 10th year.

  14. #14
    Join Date
    Jul 2002
    Posts
    288

  15. #15
    Join Date
    May 2001
    Posts
    1,513
    A self-signed certificate may be better than using a shared one. Personally, I think self-signed certificates are great!

    My "opinion" on the matter...

    Self-signed certificates are free, the host's name doesn't show if you get your own IP, and the info is still encrypted, which is the main thing you should be interested in. Self-signed certificates are also more compatible and work on almost every browser. You can even put a little javascript in your SSL pages to cancel the popup.

    ... and I could be wrong.
    Last edited by chrisb; 07-29-2002 at 08:12 AM.

  16. #16
    Join Date
    Dec 2001
    Location
    Above The Clouds
    Posts
    6,999
    Self-signed certs will generate a security pop up dialog though.

    I see no reason why AWH won't let you buy an IP if you give them $25 set up and a yearly fee. Offer them $40 for the lot and they will sort you out, I'm sure.
    Laurence Flynn @ atOmicVPS LTD
    Linux & Windows Cloud Hosting Solutions Powered by OnApp
    Fully Managed [Shared][Reseller][Cloud VPS] [Dedicated]
    Featuring the atOmicSTACK ● Speed ● Performance ● Reliability

  17. #17
    Join Date
    May 2001
    Posts
    1,513
    Originally posted by NexDog
    Self-signed certs will generate a security pop up dialog though.
    I believe you can defeat the popup by adding this between the <HEAD> and </HEAD> tags in your files.

    <SCRIPT language="Javascript">
    onAlert=return true;
    </SCRIPT>

  18. #18
    Join Date
    Dec 2001
    Location
    Above The Clouds
    Posts
    6,999
    Damn, that would be cool. If only I had time to test it......
    Laurence Flynn @ atOmicVPS LTD
    Linux & Windows Cloud Hosting Solutions Powered by OnApp
    Fully Managed [Shared][Reseller][Cloud VPS] [Dedicated]
    Featuring the atOmicSTACK ● Speed ● Performance ● Reliability

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •