Connecting Tech Pros Worldwide Forums | Help | Site Map
bytes > topic > php > answers

ssl and php

jjrmy1
Guest
  
Posts: n/a
#1: Aug 6 '08
Hello I am new to this newsgroup and any help would be much appreciated.

I am integrating cc payments into a clients website that uses ZenCart. A
requirement of Authorize.net is that the hosting company have ssl compiled
into PHP.
"CURL is required and MUST be compiled with SSL support into PHP by your
hosting company"
They have CURL but not w/ssl support. Exactly WHAT does this mean? Can I
not just get a third party ssl certificate or am I stuck with paypal?

Thanks in advance for your help
Jeremy

Jerry Stuckle
Guest
  
Posts: n/a
#2: Aug 6 '08

re: ssl and php

jjrmy1 wrote:
Quote:
Hello I am new to this newsgroup and any help would be much appreciated.
>
I am integrating cc payments into a clients website that uses ZenCart. A
requirement of Authorize.net is that the hosting company have ssl
compiled into PHP.
"CURL is required and MUST be compiled with SSL support into PHP by your
hosting company"
They have CURL but not w/ssl support. Exactly WHAT does this mean? Can I
not just get a third party ssl certificate or am I stuck with paypal?
>
Thanks in advance for your help
Jeremy
>
It's not the certificate that's the problem - authorize.net requires ssl
protocol to protect the customer data. And if your cURL doesn't have
ssl support compiled in, it cannot use ssl to communicate.

The way I see it, you have three choices:

1. Get your host to compile ssl support into cURL,
2. Find another host who will (or get your own vps), or
3. Not use authorize.net.

I know none of these look attractive. But OTOH, I think authorize.net
is taking reasonable precautions.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
The Natural Philosopher
Guest
  
Posts: n/a
#3: Aug 6 '08

re: ssl and php

jjrmy1 wrote:
Quote:
Hello I am new to this newsgroup and any help would be much appreciated.
>
I am integrating cc payments into a clients website that uses ZenCart. A
requirement of Authorize.net is that the hosting company have ssl
compiled into PHP.
AFAIK SSL is a socket level security, and has no relevance to php.

It is implemented at the web client/server level..i.e. I can get an ssl
session going with my apache server and any browser that supports SSS.
That securitizes the transactions between me and the customer.
Quote:
"CURL is required and MUST be compiled with SSL support into PHP by your
hosting company"
Ah..that's somewhat different: thats you acting as a *client* into
someone else's secure servlddl have thought most people had..

Quote:
They have CURL but not w/ssl support. Exactly WHAT does this mean? Can I
not just get a third party ssl certificate or am I stuck with paypal?
>
The certificate is a separate issue. Thats down to the server side to
supply: you are in this instance acting as a client side.



Quote:
Thanks in advance for your help
Jeremy
C. (http://symcbean.blogspot.com/)
Guest
  
Posts: n/a
#4: Aug 7 '08

re: ssl and php

On Aug 6, 3:47 pm, "jjrmy1" <jjr...@sbcglobal.netwrote:
Quote:
Hello I am new to this newsgroup and any help would be much appreciated.
>
I am integrating cc payments into a clients website that uses ZenCart. A
requirement of Authorize.net is that the hosting company have ssl compiled
into PHP.
"CURL is required and MUST be compiled with SSL support into PHP by your
hosting company"
They have CURL but not w/ssl support. Exactly WHAT does this mean? Can I
not just get a third party ssl certificate or am I stuck with paypal?
>
Thanks in advance for your help
Jeremy
As others have pointed out, the connection from your website to your
cc processor is quite seperate from the connection between the
customers browser and your website.If you are capturing the credit
card details into your wesite before relaying these details, then you
MUST, MUST, MUST have SSL between the browser and your website - which
means installing a certificate on your website.

In the case of Paypal, and others, this is not necessary - because all
the secure details are exchanged directly with the payment processor
(over SSL).

Just thought I'd clear that up since your post implies that you are
not already using SSL on your own site.

C.
Closed Thread

« previous question | next question »

Similar PHP bytes

/bytes/development

/bytes/it

Forums
Visit our community forums for general discussions and latest on Bytes

Our staff and community areas have moved to bytes.com/forums/

/bytes/about

We are a network of experts and professionals in IT and software development that help one another with answers to tough questions and share insights. Get the best answers to your questions from over 226,471 network members.

dev questions:
algorithms | asp | asp.net | c/c++ | coldfusion | c# | flash | html/css | java | javascript |
mobile dev | .net | perl | php | python | ruby | software dev | vb.net | visual basic | xml
it questions:
access | apache | careers | db2 | iis | macosx | mysql | networking | oracle | postgresql | sql server | unix | windows

About Bytes | Copyright 1995-2009 BYTES. All rights Reserved