ssl and php

**Jerry Stuckle** · Aug 6 '08, 03:15 PM

Re: ssl and php

jjrmy1 wrote:

Hello I am new to this newsgroup and any help would be much appreciated.
>
I am integrating cc payments into a clients website that uses ZenCart. A
requirement of Authorize.net is that the hosting company have ssl
compiled into PHP.
"CURL is required and MUST be compiled with SSL support into PHP by your
hosting company"
They have CURL but not w/ssl support. Exactly WHAT does this mean? Can I
not just get a third party ssl certificate or am I stuck with paypal?
>
Thanks in advance for your help
Jeremy
>

It's not the certificate that's the problem - authorize.net requires ssl
protocol to protect the customer data. And if your cURL doesn't have
ssl support compiled in, it cannot use ssl to communicate.

The way I see it, you have three choices:

1. Get your host to compile ssl support into cURL,
2. Find another host who will (or get your own vps), or
3. Not use authorize.net.

I know none of these look attractive. But OTOH, I think authorize.net
is taking reasonable precautions.

--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attgl obal.net
=============== ===

**The Natural Philosopher** · Aug 6 '08, 03:35 PM

Re: ssl and php

jjrmy1 wrote:

Hello I am new to this newsgroup and any help would be much appreciated.
>
I am integrating cc payments into a clients website that uses ZenCart. A
requirement of Authorize.net is that the hosting company have ssl
compiled into PHP.

AFAIK SSL is a socket level security, and has no relevance to php.

It is implemented at the web client/server level..i.e. I can get an ssl
session going with my apache server and any browser that supports SSS.
That securitizes the transactions between me and the customer.

"CURL is required and MUST be compiled with SSL support into PHP by your
hosting company"

Ah..that's somewhat different: thats you acting as a *client* into
someone else's secure servlddl have thought most people had..

They have CURL but not w/ssl support. Exactly WHAT does this mean? Can I
not just get a third party ssl certificate or am I stuck with paypal?
>

The certificate is a separate issue. Thats down to the server side to
supply: you are in this instance acting as a client side.

Thanks in advance for your help
Jeremy

**C. (http://symcbean.blogspot.com/)** · Aug 7 '08, 11:55 AM

Re: ssl and php

On Aug 6, 3:47 pm, "jjrmy1" <jjr...@sbcglob al.netwrote:

Hello I am new to this newsgroup and any help would be much appreciated.
>
I am integrating cc payments into a clients website that uses ZenCart. A
requirement of Authorize.net is that the hosting company have ssl compiled
into PHP.
"CURL is required and MUST be compiled with SSL support into PHP by your
hosting company"
They have CURL but not w/ssl support. Exactly WHAT does this mean? Can I
not just get a third party ssl certificate or am I stuck with paypal?
>
Thanks in advance for your help
Jeremy

As others have pointed out, the connection from your website to your
cc processor is quite seperate from the connection between the
customers browser and your website.If you are capturing the credit
card details into your wesite before relaying these details, then you
MUST, MUST, MUST have SSL between the browser and your website - which
means installing a certificate on your website.

In the case of Paypal, and others, this is not necessary - because all
the secure details are exchanged directly with the payment processor
(over SSL).

Just thought I'd clear that up since your post implies that you are
not already using SSL on your own site.

C.

ssl and php

ssl and php

Comment

Comment

Comment