• The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

signing your own ssl certificate

I

ilustrate

Guest
i enabled ssl on a site that i will commence e-commerce sales shortly and wanted to ask a quick question. do i really need to purchase an ssl certificate? i will be running paypal as the payment gateway and i assume paypals network is highly secure. i feel that their is a need for ssl during the initial customer information capture but wanted to know if i could just sign the certificate myself since it would just tecnically just be encrypting a couple pages at most. maybe a my account section but i assume everything else would be handled by paypal. is this correct? can i just sign the certificate some way and get the box to dissapear?
 
do i really need to purchase an ssl certificate?
Click to expand...
You don't *have* to.... But to give a better 'appearance' to your business, you probably should. Afterall, if you are running a commerce site for profit, the cost of a cert is really not that much.
i will be running paypal as the payment gateway and i assume paypals network is highly secure.
Click to expand...
Highly secure.. hmmm, should I even go there? My opinion is that the only site which would be absolutely 100% secure is the one which is non-existent. Any lock or barrier can be broken given enough time, ingenuity, and resources. Can PayPal legitimately claim that they have *never* been hacked into, ever? With a clear conscience and with the wrath of God to answer to if they lie? LOL
can i just sign the certificate some way and get the box to dissapear?
Click to expand...
You can self-sign, but that will not prevent a warning box from appearing on the browser. Self-signed certificates are perfectly legitimate for the encryption, but getting the average user to believe that it is really 'safe' is another thing. With all the publicity about safe-surfing, I have found many users to be a lot more cautious than in years past. Now if they would only take the same care in opening emails and clicking on bogus Paypal, Citibank, and other links...
 
Yeah, I report "spoofs" to abuse@paypal almost on a daily basis :eek:
 
You must log in or register to reply here.

Similar threads

C
Issue Purchased SSL certificate installation process failed/cancelled
Replies
1
Views
833
Maarten
M
H
Resolved Wildcard SSL Certificate Auto Renewals not Working for Let's Encrypt with External DNS
Replies
6
Views
6K
NickSick
N
newbie90
Issue SSL adding I simply cant do it...
Replies
5
Views
1K
Bitpalast
Bitpalast
learning_curve
Resolved SSL Validation Challenges
Replies
2
Views
3K
learning_curve
learning_curve
Mark12345
Issue A+ SSL/TLS Test - PCI Compliance - Ciphers - Oh My
Replies
8
Views
4K
Mark12345
Mark12345
Back
Top