Https

Hello All,

Okay I have a question. My client wants to use Authorize.net AIM method to credit the users credit card. I am reading authorize.net's AIM guide and they say that you need to post the information to them from a secure server(HTTPS).

I do not have much experience with HTTPS. So my question is:

Do I need to do anything special with my scripts when working with the users information OTHER then accessing it from https???

like: http://www.mysite.com/script.asp - WRONG
https://www.mysite.com/script.asp - Correct (has SSL 128-bit connect)

Any ANY help on this matter would be greatly appreciated! :D

If you purchase your own SSL certificate, then simply sending the user to the https form and posting via https is all that is necessary. If you are using a shared SSL certificate though, there is more work you have to do and to me, it does not look as professional to the customer -- get your own cert. ;-)

Hope this helps...

Hey Shift,

Thanks for the info. My client owns their own Server so they will be purchasing one I am sure of it.

So I can use the form normaly and handle the info normaly just as long as I it over the https?


thanks again for posting!!!!

So I can use the form normaly and handle the info normaly just as long as I it over the https?
Correct. Remember, SSL is a little slower and more of a CPU hog than its insecure counterpart. If you expect high traffic you may want to add code to your scripts to make sure your "secure" pages are using https and that pages that do not need to be secure use http.

Example: If you go to my main page (or any page that does not contain sensitive info) and I detect that you are using https, my code automatically bounces you to the same page using http and the opposite is true for pages that contain sensitive information.

Hey Shift,

Thanks again!!!

I really appreciate it :) :D