Reputation: 23
Is my SSL certificate good enough for financial transactions on my shopping cart
I have an online shop and I've just installed a new SSL certificate and it was free. It does seem too good to be true. I'm a very cynical type of person.
I don't know about different types of SSL, but I just need to be able to accept payment data (I'm using a PayPal add-in on Opencart).
I got my certificate from letsencrypt and they don't explain much on there website.
But if you go to my website Gwenllian-retail you will see the certificate. Can I handle financial transactions with that?
If not what type of SSL do I need?
Upvotes: 0
Views: 78
Answers (2)
Reputation: 181199
One does not need much money or complicated software to create valid SSL certificates. I could create my own with ease, if I wanted. In fact, I have done. There is no reason to think that LetsEncrypt certificates are somehow of a wrong kind.
The question is whether people will trust those certificates, and that comes back to whether they trust the Certificate Authority (CA) that signed them. If I sign my own certificate and present that to someone as proof of my identity then that other party has no more reason to trust that the data within accurately identify me than if I just told them directly.
LetsEncrypt serves as the CA for SSL certificates it provides. I have never relied on them for a certificate, but according to hosting company DreamHost, LetsEncrypt certificates are trusted by all major browsers. (LetsEncrypt makes the same claim about itself, too.)
Again, all this trust business is mostly about authentication: whether the entity that presents the certificate (your web site) is really the entity that it says it is. It is not about the nature or quality of the encryption with which the session is secured. That comes down to the capabilities of the two endpoints, and is largely independent of the certificate.
Upvotes: 1
Reputation: 743
Let's Encrypt is a well known service backed up by many big players. So yes, it's OK to use it in on your site. BUT ! SSL certificate is not everything, it's only one of many shields to protect you application.
Upvotes: 0
Related Questions
- Is it secure enough to sent credit card information using HTTP POST on a encrypted SSL connection?
- pay with paypal, do I need ssl certificate
- Do I need SSL with Virtumart if I don't use a payment method?
- Securing with SSL?
- Are HTTPS URLs secure?
- Is my SSL certificate valid?
- Is this Paypal setup secure?
- Setting up SSL for credit card payments
- Queries Regarding SSL Certification and Online Payment Gateway
- Do I need SSL Layer for my website if I use Paypal Standard Payment?