When it comes to using Secure Sockets Layer (SSL) encryption to protect your website, there are a number of considerations to consider when selecting the right one for your needs. The distinction between a Private and a Shared SSL Certificate is one of the most common misunderstandings.
These days, they’re really popular because you can get them for free. They don’t have to be associated with a particular domain, such as mybrand.com. Rather, they usually apply to entire servers that host multiple domains or subdomains.
This means that if a shared certificate is compromised, all of the domains it covers are at risk, and site owners are unable to alleviate the situation by revoking the SSL certificate.
You can also get Organization Validation (OV) or Extended Validation (EV) (EV). To customers who are concerned about the type of SSL Certificate that protects your website, this means trust — with OV and EV, the Certificate Authority performs extensive checks to ensure that you have a valid certificate. Because of this added confidence, ecommerce websites prefer the Private SSL option.
My company’s development team is working on two sites that will each have their own domain name (for example, foo.example and bar.example), but will be hosted on a single cloud Linux/Apache server.
Do we need to buy SSL certificates for each domain (one for foo.example and another for bar.example) or just the server? And, when using SSL in this environment, are there any special security issues that need to be considered?
You’ll need a separate SSL certificate for each domain if you want to provide HTTPS connections to both. If you try to use only one for the server, your visitors’ browsers will display a domain mismatch security error.
Because standard SSL certificates are only assigned to one domain and one IP address, each SSL will need its own IP address. If your account has only been allocated one IP address, you’ll need to contact your web hosting company or ISP to request a new (non-shared) IP address.
SSL certificates only secure the connection between your web server and client browsers; if you’ll be storing sensitive data on your server, you’ll need to implement good security practices. It is beyond the scope of this issue to discuss how to do so, as well as whether cloud-based web hosting is secure, but it is a valuable consideration in that case.
When people are looking to purchase or renew an SSL Certificate, I often see them confused about the differences between Shared SSL and Private SSL. Both provide SSL security, but in different ways and with different limitations.
Shared SSL merely encrypts your domain, not authenticates it. When you visit a website like this, you will receive a security alert. This is because the SSL certificate for this domain was not issued, but it was issued for the server you are using. If you choose to view the certificate, you can see the CN(Common Name) set under the “Issued To:” section.
Because of the security error displayed, most people avoid websites with Shared SSL when submitting their private or credit card information. E-commerce websites do not use Shared SSL for the same reason.
Customers trust private SSLs because they are unique to the customer’s name, address, and company information and provide a higher level of security. As a result, most online businesses tend to use Private SSL, which allows them to directly collect credit card information. Also, because of Private SSL, no security warning messages will appear when people visit your website securely.
Secure Socket Layer (SSL) is the acronym for Secure Socket Layer. The information sent from the web browser to our server is encrypted and sent in a format that no one except the server can read. This enables sensitive data, such as credit card numbers and passwords, to be securely transmitted over the internet.
Answer:All shared plans come with a free shared SSL certificate. The SSL certificate is already installed for Linux hosting plans and those who add MIVA Merchant to their hosting plan. You can easily activate your SSL certificate via the Control Panel if you have a Windows hosting plan. Please see our support article here for more detailed instructions.
Your shared SSL URL would be something like this: https://www##.safesecureweb.com/username, where ‘##’ is a number generated by the server you’re on and ‘username’ is the username you were given when you created your account. Once the shared SSL is configured, you will receive this information.
Your entire website is covered by the shared SSL certificate. You don’t need to save your website anywhere else. Simply link to the secure parts of your code and upload your site as usual.