I wonder ...

[rider]

Is SSL certificate important for running a web hosting business. I plan to reg a domain with ************ and have seen their offer about SSL certificate.
Have you used it, guys?

 

[brianf]

************ and have seen their offer about SSL certificate.

I'm not sure if you're referring to a 'shared' SSL certificate or purchasing a certificate specifically for your site.

If you're planning on processing credit cards through your site, versus 2CO or Paypal, an SSL certificate that's specifically for your site is a must. A self-signed or a shared certificate may be almost as secure, however, it will always trigger the warning pop up in browsers.

You wouldn't want to make your entire site SSL, just a sub-domain where you process credit cards or other sensitive information. When you create a request, you would want to do so using secure.mydomain.tld or www.secure.mydomain.tld versus mydomain.tld. Since certificates are site specific, any time that you create a link to the secure portion, you must do so using the exact domain/sub-domain that you used to create the SSL request, otherwise visitors will get the warning pop-up.

If you're not processing credit cards or other sensitive information, an SSL certificate is unnecessary.

 

[purple]

Its good to know you can only use the ssl certificate on one section, as opposed to the entire site. Why does a shared certificate trigger the pop-up? What specifically makes it less secure than a site specific certificate? Is it the type of sharing, or just that it is sharing?

 

[brianf]

You can use a certificate on an entire site, it's just not needed. When used on an entire site the certificate request would be for yourdomain.tld or www.yourdomain.tld and all directories beneath would be secured. However, if you tried to use that same certificate on secure.mydomain.tld, the warning would be triggered informing the visitor that the site they are visiting and the certificate domain do not match. The certificate will still provide the same degree of security in either case, and the user can elect to accept the certificate.

In reality there is no such thing as a shared certificate. The term describes a certificate that's installed at the on the servers shared IP address and typically it could be accessed by using your domain name, however, as it's installed on the default site it would be necessary to use mod_userdir to access your site. The url might look something like this:
https://www.yourdomain.tld/~yourusername/ or https://www.another_domain/~yourusername/. If the certificate was issued to another_domain, then there wouldn't be a warning pop-up. So a host may purchase that certificate and all users would use the same url to access without warning.