SSL stands for Secure Socket Layer. It is an emerging standard
developed by Netscape Communications to transfer information
securely across the Internet. SSL will enable your customer's
browser to connect to your web site and transparently negotiate a
secure communication channel. Once this connection has been made,
information, like credit card numbers, can be exchange with no
chance of a third party intercepting the data.
There are some important issues regarding the use of secure
processing that everyone needs to be aware of. Every web site
name (i.e. www.YOUR DOMAIN.com) that wishes to use SSL will need
to have an authentication certificate "signed" by
Verisign. If you do not wish to get your
own certificate, you can use our certificate. However, this
means that you will have to use our site name (e.g. https://www.rapidsite.net/.).
Please note that SSL does not include software to process
credit card transactions. Although you can securely receive
credit card information through SSL, actual processing of the
credit card will require a "Merchant account" from an
accredited financial institution. Credit card processing software
will start to appear soon and you can find more information about
the new credit card processing standard called "SET"
at: http://www.visa.com and http://www.mastercard.com
Setting up a Secure Form
The secure environment refers to the transmission of
information from web browser to web server. If you have a link to
an order form, for example, from your home page, you would need
to use a URL similar to following:
- https://wwwXX.rapidsite.net/<userid>/form.htm
(XX = server number)
The "s" in https:// suggests an SSL related file.
Substitute the path to the order form starting with user
directory name. If your account resides on server #2, you would
need to use https://www02.rapidsite.net/<userid>/form.htm
or 03, 04, etc. respectively depending on which server the secure
form resides.
If the secure form calls a cgi script, you must also reference
that script securely.
- e.g. <form method="post"
action="https://wwwXX.rapidsite.net/<userid>/cgi-local/order.cgi">
Note: Upgrading to a High Volume account requires a change of
web server. In such instances, users will need to update their
HTML to reflect the new server number.
Retrieving Data From Server
As mentioned above, the secure environment refers to the
transmission of information between web browser and web server.
We suggest that you have a script written to save the submitted
form content to a text file. In so doing, you can reference the
text via secure URL and retrieve its content (e.g. credit card
information) securely via the web thus completing the loop.
- e.g.
https://wwwXX.rapidsite.net/<userid>/datafile.txt
To protect the data from unauthorized web surfers, you can
store the data file(s) in a password
protected directory.
An alternative is to have the submitted form content sent to
you via email. If your form references a custom script, you will
need to reference the script securely. We have not implemented a
solution for encrypting email. Users who wish to use encrypted
e-mail should research PGP.
