Posted on: 4th Jun 2009
By: Adam Moss
Magento developers who have just set up an SSL on their shop may find the following annoying message appear in Internet Explorer browsers:
“this page contains both secure and none secure information, do you want to secure the none secure information”
This occurs because the parts of your site that now appear under a secure ‘https’ domain, are probably still linking to parts of your site that are unsecure ‘http’. This is very likely to happen if you’ve just spent a while building a site and you’ve got to the point where it’s about to go live, therefore you want a security certificate to give customers confidence.
The solution I found was to rename all references to the ‘http://www.example.com‘ domain and simply change those references to look like this: ‘//www.example.com‘ .Items should still show up properly, but you’ve removed the part that tells the certificate is from an unsecure part of the site.If you’ve linked up JavaScript files, CSS, images or other items in thie old way it will cause the message to appear.
You don’t need to change links to use this format. This should still work fine: <a href=”http://www.example.com”>Example</a>
But, you do need to use it in this situation: <img src=”//www.example.com” />
Posted on: 21st May 2009
By: Adam Moss
One of the most important aspects of an e-commerce website is the application of an SSL certificate, something which must be requested through a company’s hosting account. You are then provided with a Certificate Key and a Private Key which you must submit to a vendor who will verify your site and supply you with the rest of your details.You need to ensure that your website has a unique IP Address that the certificate can be assigned to.
Self-Signed Certificates
You can actually sign your own SSL certificate and save time and money without going through a certificate vendor. However using this method is not advised as you are technically just kidding your customers and yourselves. In the same way that signing your own driving license doesn’t make you a legal driver, signing your own SSL certificate doesn’t make your websitesafe for users – and this is a risky and dishonest way to treat your customers.
How much do they cost?
There are different certificates for different levels of encryption and varying server types. SSL certificates come in 40-bit, 128-bit and 256-bit varieties, but as the 40-bit encryption has been hacked, be sure to get a higher bit certificate. For plesk users, you can find a good range of options by visting MyPlesk.com. You can find that subscriptions start at about £30 for a year up to about £500. You can also determine how many years you want it to last for – anything between 1 and 5 years.
An SSL Certificate is the way of proving you’re a legitimate, honest and open e-commerce business with nothing to hide. A proper SSL certificate may well be your key to ecommerce success.
