SSL - newbie

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I am making a website that transmits customers' credit card numbers over the

I am trying to figure out how to do this.  Someone mentioned that I need to
get an SSL certificate?  I tried to find tutorials on the Internet but all I
could find was information about setting up SSL for system administrators.

Can anyone point me in the right direction?

I went to Verisigns's website -- am I going in the right direction?  It is
saying $350/year for 40-bit encryption and $900 for 128.  Do I need to pay
this much money to take credit card transactions?  ($900 is too much because
the feature that I am adding to the site saves less than that per year.)
Once I pay money to someone for this certificate, how do I set the site up
to make secure transactions and then transmit the credit card numbers from
the server to my email address.  Is there any way to do this without paying?
What is the difference between SSL and SHTTP -- or "what is the cheapest way
to do this?"

Thanks in advance to anyone that can offer help.

Re: SSL - newbie

On Wed, 19 Jan 2005 23:49:19 -0500 Josh wrote:

Quoted text here. Click to load it

For starters, you might want to enquire dealings with businesses like
For a much smaller fee, let them handle the deal.
Do not use paypal.

Re: SSL - newbie

While sitting in a puddle Richard scribbled in the mud:

Quoted text here. Click to load it

Why noy Paypal?

D? just to raise my PR

Re: SSL - newbie

Quoted text here. Click to load it

We aren't charging the cards... we just need the credit card numbers to
guarantee accommodation reservations.  I looked at and they
want 5.5% on transactions -- that seems quite expensive...

Re: SSL - newbie

Hi, Josh

Josh wrote:
Quoted text here. Click to load it

You will need to tell your web host which domain you need an SSL for
(e.g. Your web host will need to generate a
Certificate Signing Request (CSR) and send it to you. You send the CSR
to a firm which generates SSL certificates, supply any extra info they
need (i.e. proof that you and/or your business exists!), supply your
credit card details, and they will generate a certificate for you. Then
you forward the certificate to your web host for installation.

I use InstantSSL ( ) - they are cheap and fast,
and there are real, live human beings there to help you if you get stuck
(yes, I've contacted them. I know they exist!)

Once the certificate is installed, you will need to install a CGI script
to get the credit card details and email them to you - do a search on
Google, and you will probably be able to find a free CGI script. But I
doubt you'd be able to get a free SSL certificate.

Custom Net Hosting

Re: SSL - newbie

Quoted text here. Click to load it

Thanks for your reply.  I looked at and it looks cheap.
Since we don't charge the credit card (we just take the cc number through a
form and hold it as a guarantee) it looks like the $50 per year SSL might
work -- much better than the $900 that I was looking at.

Re: SSL - newbie

Josh wrote:

Quoted text here. Click to load it

I don't mean to be rude, but if you're asking all these questions, then
you really shouldn't be "making a website that transmits customers' credit
card numbers over the Internet."

You mention "SHTTP" and you say that you want to then e-mail the details
from your server to your address (SMTP is an insecure protocol).

Use ProtX or a similar third-party payment solution.

Toby A Inkster BSc (Hons) ARCS
Contact Me  ~
Now Playing ~ ./shawn_mullins/souls_core/06_and_on_a_rainy_night.ogg

Site Timeline