Quantcast
Channel: Admins Goodies » payment
Viewing all articles
Browse latest Browse all 4

Domain changes required for SSL integration

0
0

Question

Currently my site supports regular payment options (User is taken to Payment Gateway/PG website). Now I’m trying to implement “seamless” PG integration. I need SSL for this. I’m having a dedicated server with 5 static IPs from Hostgator/HG.

options:

  1. I take SSL for www.my_domain.com. According to HG, I need to change IP of main site as current IP is not really dedicated as it is being shared by cpanel etc. So They need to bind another dedicated IP to main domain for SSL to work. This would required DNS change for main website and hence cause few hours downtime (which is ok).

  2. I’ve noticed that most of the e-commerce websites are using subdomains like secure.my_domain.com for ssl/https. This sounds like a better approach. But I’ve got few doubts in this case:

a) Would I need to re-register with existing PGs (Paypal, Google Checkout, Authorize.net) if I switch to subdomain? Re-registering is not an option for me.

b) Would DNS change be required for www.my_domain.com in this case. This confusion arose because of following reply from HG : “If the sub domain secure.my_domain.com is added to an existing cPanel it will use the IP for that cPanel so as long as it is a Dedicated IP that will be fine. If secure.my_domain.com gets setup as its own cPanel it will need to be assigned to a Dedicated IP which would have a DNS change involved.”.

PLease suggest.

Asked by user131003

Answer

Short answer:

1) I’m guessing that cpanel is also accessed via SSL? If so, then yes, you’d need to move either your website or your cpanel to a new IP. But there are ways to not have any downtime while moving your webserver – see below.

2) If you have a separate domain for the SSL version of the site, then you won’t need to change the address of your existing domain.

2a) As for your PGs, you’d better check with them.

2b) No, adding a subdomain doesn’t need to change your original domain.

Longer answer:

I’m assuming that your current setup is that you have one ip address only on your server. On that address, you’ve got two ports open – port 80 for the webserver for www.my_domain.com and port 443 for your cpanel access.

Now, when you want to add SSL, that means that your webserver also wants to listen on port 443, and you can’t have two different programs listening on the same port, so there’ll be a conflict. That means that you will have to move one of them. Since cpanel is used for server administration, I can see that you don’t want to move that.

In order to not have downtime, there are some ways of handling the move:

1) You can reduce the expiry/refresh for your DNS zone for my_domain.com. If you reduce this to e.g. 30 seconds, then wait 24 hours, and then change the record, that means that the downtime will at most be 30 seconds for any given client, and that only if that client is really unlucky with their timing. (You should have statistics on what times the webserver has the most and least traffic, and choose your timing accordingly. And the new record should have your regular expiry/refresh again.)

2) You can have your webserver listen to both the old and the new IP address for a day or so. After that, you change the setup so it only listens to the new IP only, and then you can activate SSL.

Answered by Jenny D

Viewing all articles
Browse latest Browse all 4

Latest Images

Trending Articles





Latest Images