SSL stands for Secure Sockets Layer. It is an emerging standard developed by Netscape Communications to transfer information securely across the Internet. SSL will enable your customer's browser to connect to your web site and transparently negotiate a secure communication channel. Once this connection has been made, information, like credit card numbers, can be exchanged securely.
Please note that SSL does not include software to process credit card transactions. Although you can securely receive credit card information through SSL, actual processing of the credit card will require a "Merchant Account" from an accredited financial institution.
2 Ways to Utilize SSL:
Option 1 - Use Univox's SSL digital certificate. This is a FREE option for Univox Executive Account holders. The only drawback is that you will need to use Univox's domain name in any secure URL:
https://secure.univox.com/yourdomainname.com
Option 2 - Obtain your own Digital Certificate from Verisign. This will
allow you to reference a secure URL using your own domain name:
https://www.yourdomainname.com/
You must obtain your own digital certificate if you plan to use Cybercash online payment services.
How to implement an SSL secure connection:
If you have a link to an order form, for example, from your home page, you would need to use a URL similar to following:
The "s" in https:// suggests an SSL related file. Substitute the path to the order form starting with user directory name.
If the secure form calls a cgi script, you must also reference that script securely.
<form method="post"
action="https://secure.univox.com/yourdomainname.com/cgi-local/order.cgi">
-or-
<form method="post"
action="https://www.yourdomainname.com/cgi-local/order.cgi">
Retrieving Data From Server:
As mentioned above, the secure environment refers to the transmission of information between web browser and web server. We suggest that you have a script written to save the submitted form content to a text file. In so doing, you can reference the text via secure URL and retrieve its content (e.g. credit card information) securely via the web thus completing the loop.
To protect the data from unauthorized web surfers, you can store the data file(s) in a password protected directory.
An alternative is to have the submitted form content sent to you via e-mail. If your form references a custom script, you will need to reference the script securely. E-mail messages are not secure, unless you encrypt them using a third-party encryption program
such as PGP.
If your application requires the need for a secure transmission from end-to-end Univox Internet can assist you by writing a custom script that will fit your requirements. For more information on this please contact our sales department.
Using email to deliver data posted through an SSL form:
If you are using an email form handler on Univox in conjunction with a secure form, you will need to reference the script (see below) and "success" URL
securely. (The "success" URL is the web page you want to display after the email is successfully sent.) Please note that sending the resulting data via email is merely giving users a false sense of security.
Although the information the user enters into the form gets transmitted in an encrypted manner to our servers, the resulting e-mail message that gets sent from our servers to you is not encrypted and therefore not secure.
Further encryption of the data is recommended.
-or-
(if you have your own digital certificate)
(if you have your own digital certificate)
(if you are using our digital certificate)
(if you have your own digital certificate)