Announcement

Collapse
No announcement yet.

Bruce-our thread on Shared SSL

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Bruce-our thread on Shared SSL

    Hi Bruce
    In the earlier thread on Shared SSL, there are some issues which I want clarification on....namely Shared SSL
    Actinic and its partners provide a Shared SSL service.
    Under Credit Card Capture Configuration in Business Settings, there is also an Option for an Unlisted Provider of Shared SSL. It is this option which I selected and set, using the info from my ISP who has set up a Shared SSL solution for my website.
    Now is this possible, I mean does Actinic allow other then the Actinic Partners to provide Shared SSL? If so , then why does my Shaed SSL not work during checkout? The impression I got from you and from reading previous threads is that only the Actinic Partners are allowed to provide Shared SSL services. If that is the case, then this would be a major constraint on the use of Shared SSL services under Actinic.

    Would appreciate your input and clarification on this issue

    cheers

    #2
    When you speak of Shared SSL, and with Actinic then there are 2 possible solutions you are talking about.

    1. Shared SSL where your host provides you with some space which is SSL encrypted where you can upload files and access them under https, but is not under your domain, but some generic domain that the host provides, in which case you need to upload your cgi-bin files to this ssl space they provide - you would need to do some digging to find the correct network settings with your host to use this.

    2. Actinic Shared SSL - where this is a specific SSL solution designed for the sole operation of Actinic site operators who want to take secure receipt of CC details, but without having to have an SSL certificate bound to there domain name, or using a shared ssl certificate as above. i.e. this provides an encrypted blob of information from your non ssl enabled site, to the server providing the Actinic Shared SSL service, which then allows your customer to place an order in SSL surroundings, and then securely send it back to your site ready for you to download the order and your software then decrypt it...

    Two totally different systems. For your host to provide Actinic Shared SSL as in the unlisted provider you mentioned, then they have to physically be operating the Actinic Shared SSL scripts and programmes, so I guess they are not using that and are using plain old #1...

    Hope that helps explain some of this.

    Comment


      #3
      thanks for your reply. I assumed that if I choose Shared SSL then Actinic would automatically upload all the scripts to the cgi-bin directory. It seems that this is not the case, and that is why I am getting the error that page/script not found. I dont have access to the https directories, my ISP just created a pseudo domain with my domain name (+) their ssl directory, and I cant see this directory with ftp client or with webshell.
      I think maybe I am better off getting a godaddy Cert and going full SSL, what do you think? I honestly dont have time to mess around...
      cheers and thanks for your help..you made it quite clear about shared SSL, and frankly the point was not clearly made before. I have seen few older posts which confuse this point...

      Comment


        #4
        You will need to speak with your host about using an SSL certificate on your domain name directly, as unless you are already provided with one, you will need to be assigned a static IP address bound for your domains sole usage to facilitate an SSL certificate usage, whereas those sites which do not use SSL bound to the domain is normally assigned a name based provision, which means lots of domains frequent the same IP address, which means you would not be able to simply add an SSL certificate to it...

        U will need to speak to your host on the procedure for getting and using SSL on there server, but glad the explanation helped.

        Comment


          #5
          Hi Again
          I just spoke to my ISP in detail about this issue. There is only 1 cgi-bin for both http and https protocol, and all the scripts are loaded in this cgi-bin which is normally under the domain name. So I come back full circle, why is actinic not loading the cgi-bin correctly for shared SSL...Its a puzzle to me...

          Comment


            #6
            Hi,

            Right, this is not Actnic Shared SSL and SSL on a shared environment, so do away with any Actinic Shared SSL settings and within Payments and Security enable SSL on and for checkout only.

            Then, go into your Advanced | Network setup and there will be an SSL tab now in there, which is where you will need to place all of the config details for Actinic to connect to this SSL portion, i.e. it will not be under your domain name, but under a shared domain name which the actual SSL certificate is assigned to, so you will need to get the domain name of them and the full path to your cgi-bin along that route, so for example:

            your site might be under www.mydomain.com

            The SSL area might be bound to the domain secure.hostingprovider.com, so the full SSL URL might be something like...

            https://secure.hostingprovider.com/a...n.com/cgi-bin/

            if you see what I mean...

            Comment


              #7
              Hi
              I have a fixed IP address for my domain name, and for $25 for a cert from GoDaddy, its worth going that route...
              However, It seems to me that my ISP has to physically operate the Actinic Shared SSL scripts and Programs, and they are not uploaded by actinic automatically. I dont think that my ISP will go to the bother of running special scripts and programs just for one client...hmmm...now I understand why Actinic wants to charge me $150 per year for shared SSL
              I personally think that the scripts should be uploaded freely...but that is just my opinion

              cheers

              Comment


                #8
                The means to operate the Actinic Shared SSL system is server specific, i.e. it is a set of special scripts which were designed with the sole intention of providing this service to Actinic users when it became apparent that the Java VM (which was the dominant means for payment details receipt) was not going to be included with Windows XP (when it first came out)... So the service is an add on and not something which is just given away, i.e. we purchased the system from Actinic so that we can provide it to our customers and those who wish to use it from us etc. but we had to deploy it on our servers and provide the ssl for it etc etc, so it is a service in addition like every other payment processing or receipt system, whereas Actinic provides connection to this, paypal and all the others or you can directly take receipt yourself through the operation of the SSL directly connected with your domain.

                If the folders for the SSL shared space with your host was directly connected with your own hosting webspace, then you can (as other have managed to achieve) wangle using that, but as it is not connected, then your own SSL is the only way or Actinic Shared SSL...

                Comment


                  #9
                  Fair enough..I understand that you are buying in a service and you have to charge for it..thanks for your explanation...
                  cheers

                  Comment

                  Working...
                  X