FAQ - SSL
What is SSL?
This is a security feature that allows all
communication between a browser and inSolSys.com's
servers to be encrypted. You will know a page is
encrypted when the "lock" appears within
your browser window. You can also tell if the
beginning of the URL you are trying to access
changes from http:// to https://. Sites that need
to transfer sensitive information such as
passwords and credit card information from the
browser to the server need to have SSL enabled for
their site.
What is an SSL certificate?
An SSL certificate is a "key" file
that sets the encryption between InSolSys.com's
servers and the browser. It is purchased from a
Certificate Provider such as Versign, Thawte or
Equifax.
What is the difference between
Verisign, Thawte and Equifax?
The technology is pretty much the same between
the SSL certificates. One does not have "more
power" than the other. The costs do vary
widely though.
Which SSL certificate does InSolSys.com
recommend?
We support either Verisign, Thawte or Equifax.
How much does InSolSys.com
charge for an SSL certificate installation?
We do not charge anything to install an SSL
certificate. Each of the certificate providers
mentioned above have their own yearly fees for use
of the certificate.
Can I move my SSL from another
host to your servers?
If you are moving from an NT IIS server to
ours, there is a good possibility you can. Ask the
administrator of your current server to export the
certificate for you. Then send us the file and we
can try to import it into our servers, although we
can not guarantee it will work. If you have a UNIX
account, you will need to apply for a new SSL
certificate.
I have an SSL certificate for
www.mydomain.com but I also have www2.mydomain.com
pointed to the site. Whenever someone uses the
www2 host name, the SSL certificate does not work.
Why?
This is because an SSL certificate is tied to
the exact domain name used in the URL. If you use
www.yourdomain.com for the SSL certificate, it
will ONLY work if the URL that is requested is
www.yourdomain.com. It will not work if it is
called yourdomain.com or www2.yourdomain.com. If
you also wish to have people access the site
securely using a second hostname/domain name
combination, you must purchase a second SSL
certificate.
I have an SSL certificate. How
do I get the lock to appear in Netscape?
You must change the URL of the page you are
accessing to https://. This is what triggers the
browser into entering "SSL mode."
Can I force people to only use
SSL to access a page or pages?
Yes, you can. However, you must contact InSolSys.com's
customer support to activate this. We need to know
which pages or directories you wish protected in
this way.
Should I use SSL on my entire
site?
You could but we do not recommend it. SSL is a
very server intensive process. This will slow down
your site tremendously especially as user traffic
increases. You really only need to protect form
pages that you feel are passing information that
is highly sensitive between the server and the
browser.