SSL - Any advice or gotchas?

[Neil Porter]

I've just been asked by one of my customers to convert an existing NTWS webserver to use an SSL certificate.

They would like me to obtain the certificate for the site on their behalf.

Is there anything I should be aware of before I dive into this?

I've found an article by Bruce about "Levels of SSL" which looked quite informative, and there is a whole section in the docs about "building secure sites". I'm hoping that it will be as simple as following the steps suggested by Bruce, but whilst I'm familiar with Code signing my own applications, I've never done anything with SSL, and wondered if there was anything that was likely to bite me?

I have used Comodo for my own code signing certificates, but I don't have a strong preference for SSL, as I won't be paying for it 

Regards,

Neil.

[Bruce]

>> They would like me to obtain the certificate for the site on their behalf.

that's not so easy to do. the whole point of the certificate is to validate that "you own the domain" - so the person who owns the domain is the right person to get the certificate.

you can try doing it for them, but they'll need to provide paperwork etc.

cheers
Bruce

[bijan]

Hi Neil,

I find Godaddy easier for signing up a new customer. They used to have good pricing on their SSL. Do a google search on SSL, you may find a discount offer on Godaddy's SSL.  I like their control panel for maintaining your certificate. It's easy to follow.

Regards

Bijan