Rev cgi server and SSL
Luis
luis at anachreon.co.uk
Fri Apr 11 03:36:01 EDT 2008
Browsers will warn of certificates they do not have in their
repertoire. If you want to cater for the general population your best
bet, to avoid the warnings, is to get a certificate from a known
vendor (ie: known to the browsers). If the audience is limited, you
can generate a certificate and get them to install it in their browsers.
Cheers,
Luis.
On 11 Apr 2008, at 08:01, Richard Miller wrote:
> I have a web page that is secured by an SSL certificate. Users
> access it by going to "https://mywebpage.html". This page sends a
> cgi request (containing credit card information) to my MacMini
> server, located elsewhere. The server is not SSL protected. The
> credit card data is then processed via a Rev SSL routine to a
> secure payment gateway, then immediately discarded.
>
> Is there any security issues with this approach? Do I need to get
> an SSL certificate for the server?
>
> I've noticed that Firefox and Safari post a warning message when
> one hits the Submit button on the web page, saying that while the
> web page is secure, the data is being sent to a potentially unsafe
> location (presumably because the form is directed to an http
> address). Internet Explorer doesn't show any message.
>
> Would it be worthwhile to get an SSL certificate for the server?
>
> Thanks.
> Richard Miller
> _______________________________________________
> use-revolution mailing list
> use-revolution at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-revolution
>
More information about the use-livecode
mailing list