SSL Questiosn

Thanks in advance. Like so many others I am trying to set up security to except credit card payments and have several questions

1 In another post somebody mentioned encrypting credit card data when saving to the database. Can this be done via ASP.NET VB and are there code examples out there or do I need do buy some classes. Anything info will help.

2 For our website we originally purchased Discountasp with domain www.mydomain.net and have since obtained the .com version which is pointing to the same root as .net via the domain pointer. If I want to use https on www.nydomain.net/ecommerce/PayPage.aspx and www.mydomain.com/ecommerce/PayPage.aspx do I need 2 SSL certificates, or a certificate with a wildcard or can I just pick one URL and secure that.

3 Am I correct in thinking I saw ASP.NET 2.0 form tag settings to force a page to only resonpond to https requests?

4 I am mainly concerned with secure data transmission as opposed to site verification. Does anybody have complaints about GoDaddy SSL? Any recommendations for less expensive certificates? I also have to worry about AOL hardcores and MAC users, any concerns?

 

SSL certificates are specific to a domain. For example, if you purchase an SSL certificate with the common name www.domain.net, you will not be able to secure www.domain.com. Since we can only install one SSL certificate per site, you will have to choose which common name.

A wildcard certificate is usually for subdomains. For example, the wildcard common name of *.domain.net can secure any subdomain of domain.net likehttps://secure.domain.net and https://any.domain.net, but not .com.

I do not recommend GoDaddy certificates, because they issue "chained root" certificates which may cause problems in some browsers. RapidSSL, Verisign, and Thawte all can issue "single root" certificates and are preferred.

Perhaps someone else can answer your question about sample code for encrypting data.

Aristotle

DiscountASP.NET
www.DiscountASP.NET