Is it necessary to encrypt my website with SSL

[bennyj710]

I have just created an e-commerce site and is it required to encrypt SSL certificate to it. Are there any free options for it?

 

 

[Wim Decorte]

Yes.  If you are taking any form of payment you have to encrypt the data that flows between the client's browser and your web server.

Even if you are not taking payments, people will appreciate knowing that their info is protected.

"Let's encrypt" provides free SSL certs.  But those are not supported for FileMaker deployments.  Is your e-commerce FM based?

[JDW]

I use Let's Encrypt on my main website, and I have links to my FM Pro database which is separately hosted on MacUSA.net.  Since MacUSA supports HTTPS, it is a seamless SSL experience.

[kingzcq]

You need to encrypt the SSL certificate
Free encryption SSL certificate is not full, I do not recommend using free

[JDW]

There's absolutely nothing wrong with Let's Encrypt, regardless of the fact it is free.  They simply do not offer Extended Validation (EV), which is really what you are paying for when you really want to pay for SSL.  However, most people don't need EV.  Indeed, the cost of EV would prevent most people from ever using HTTPS if organizations like Let's Encrypt did not exist.  Do your research on Let's Encrypt before giving them a thumbs down.

[ggt667]

On 5/31/2017 at 9:42 AM, bennyj710 said:

I have just created an e-commerce site and is it required to encrypt SSL certificate to it. Are there any free options for it?

 

 

No, but user experience may improve. Somehow https responds quicker in many cases.

free options can be found in the dehydrated project and the best is to sign your own as described by beezwax in their blog; https://blog.beezwax.net/2017/12/03/creating-your-own-ssl-certificates-for-filemaker/ Of course NSA-worshippers will not agree with this as they may have to do some work to decipher your traffic

Also note that if you did not sign your own certificate; the SSL is pr definition not secure.

For people serious about their SSL root certificates should never leave your SD-card or other removable storage stored in a physical safe; except for the times you turn off your WiFi and disconnect your ethernet, then insert the SD card for signing new related certs; remember to put the SD card back in the safe before you connect to the www again.

Edited January 30, 2018 by ggt667

[Lee Smith]

Hey ggt667,

bennyj710 hasn't been back sine posting his question on 5/3/2018.

Lee

[ggt667]

Hey Lee,

At least now others can search and find a reasonable answer.

G

Edited January 30, 2018 by ggt667

[Lee Smith]

True.