Yes, for us it is payments. We have 3 web servers, load balanced with sticky sessions. So, when User A goes and adds up a basket in Web Server A they are always on that server for session awareness etc.
Now, for each of these web servers we have a secure.blahblah.com site setup on port 443, each with a cert installed (well it is just one cert exported and imported across the range). So, when a user goes to checkout they are effectively leaving their website domain of www.foo.com and going to secure.blahblah.com - all with their session data intact. At the point they move from HTTP to SSL their traffic is encrypted at the strength allowed by the cert - so yes, all traffice is indeed encrypted at anytime while they are on https://secure.blahblah.com/ Data isn't *sent* to that domain, you are actually moving to the secure domain as part of your request. When all is done and they want to go back they switch back to www.foo.com and all is good. N -----Original Message----- From: Rick Faircloth [mailto:[EMAIL PROTECTED] Sent: 08 August 2006 15:04 To: CF-Talk Subject: RE: SSL Certificates But what does the secure.blahblah.com site/domain do for the traffic that is routed to it? Just encrypt data sent to it from the other sites? In your example, what would secure.blahblah.com do for traffic sent to it from foo.com? Is for processing payments? Would it display HTML or CF pages or would it just encrypt data that is routed through it because it has a certificate? I'm not sure of the exact role that the secure domain plays in relationship to the other sites on the server. I appreciate everyone's patience with the OT topic...but all the sites I'm needing to secure are CF sites! :o) Rick -----Original Message----- From: Robertson-Ravo, Neil (RX) [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 08, 2006 8:57 AM To: CF-Talk Subject: RE: SSL Certificates Right, the secure domain is on its own IP - this is normal practice. -----Original Message----- From: Rick Faircloth [mailto:[EMAIL PROTECTED] Sent: 08 August 2006 14:06 To: CF-Talk Subject: RE: SSL Certificates > We have one secure domain ....secure.blahblah.com But that secure domain isn't accessed via host header, right? (I'm sorry for being so dense...this is probably easier than I'm making it.) Rick -----Original Message----- From: Robertson-Ravo, Neil (RX) [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 08, 2006 8:26 AM To: CF-Talk Subject: RE: SSL Certificates This is exactly what we do. We have one secure domain ........secure.blahblah.com and the moment you go from say www.foo.com or www.gnu.com to a secure location you get redirected to secure.blahblah.com. So, all secure requests go to that address - one cert. N ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:249176 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
