I have a web page that is secured by an SSL certificate. Users access
it by going to "https://mywebpage.html";. This page sends a cgi
request (containing credit card information) to my MacMini server,
located elsewhere. The server is not SSL protected. The credit card
data is then processed via a Rev SSL routine to a secure payment
gateway, then immediately discarded.
Is there any security issues with this approach? Do I need to get an
SSL certificate for the server?
I've noticed that Firefox and Safari post a warning message when one
hits the Submit button on the web page, saying that while the web
page is secure, the data is being sent to a potentially unsafe
location (presumably because the form is directed to an http
address). Internet Explorer doesn't show any message.
Would it be worthwhile to get an SSL certificate for the server?
Thanks.
Richard Miller
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
