SSL Check

Forums › Off topic › SSL Check

1 | 2

SteveON

1916 posts

Uber Geek

#373080 26-Aug-2010 12:25

Actually, could any of you guys please check this again? We are receiving conflicting results... Here @ work firefox 4 is working fine but for some overseas there is a new issue :(

TechnoGuy001

853 posts

Ultimate Geek

ID Verified

#373102 26-Aug-2010 13:13

All tests done on Mac OS X 10.6.4

Working on FF 4.0b4
Also Opera 10.53
Doesn't work on latest Safari or Webkit

SteveON

1916 posts

Uber Geek

#373107 26-Aug-2010 13:23

TechnoGuy001: All tests done on Mac OS X 10.6.4

Working on FF 4.0b4
Also Opera 10.53
Doesn't work on latest Safari or Webkit

Thanks, I wish we had access to a mac here @ work

SteveON

1916 posts

Uber Geek

#373200 26-Aug-2010 16:26

Can you please test again?

TechnoGuy001

853 posts

Ultimate Geek

ID Verified

#373222 26-Aug-2010 17:11

Bingo!

It works now.

Safari and Chrome

No idea why the screenshots are so squashed... They look fine in the editor.

SteveON

1916 posts

Uber Geek

#373229 26-Aug-2010 17:24

Thanks!

I wish I knew more about all this stuff, I just pay the bills...

Kyanar

4089 posts

Uber Geek

ID Verified

Trusted

#373365 26-Aug-2010 21:02

Heh. I must say I prefer working with DPS. They handle the grunt work of the PCI Compliance, and just have my applications give directions to their systems when I need to bill something.

Sharesies

Trade NZ and US shares and funds with Sharesies (affiliate link).

SteveON

1916 posts

Uber Geek

#373381 26-Aug-2010 22:07

Kyanar: Heh. I must say I prefer working with DPS. They handle the grunt work of the PCI Compliance, and just have my applications give directions to their systems when I need to bill something.

I know PCI compliance is annoying but we chose the 2 party approach and will stick with it. Hopefully Paystation come out with their hosted payment page which will take away the need for such high PCI requirements. But being PCI is a good thing anyway.

Kyanar

4089 posts

Uber Geek

ID Verified

Trusted

#373425 27-Aug-2010 07:35

2 party approach? I'm not sure I follow?

That said, I do agree that being PCI compliant is a good thing, but being able to skip the requirements that are outright stupid (such as disabling SSL2 - seriously, who's got the resources to intercept and brute force that?!?) is invaluable.

An easier way to do it, incidentally, is to have SSL terminate at some form of load balancer equipment, meaning you only have to setup the SSL once. Off the top of my head, I think that a load balancer MIGHT be permitted to communicate unencrypted with a web server, provided that the web server and appendages are the only thing on that network segment/VLAN.

SteveON

1916 posts

Uber Geek

#373446 27-Aug-2010 09:32

Kyanar: 2 party approach? I'm not sure I follow?

That said, I do agree that being PCI compliant is a good thing, but being able to skip the requirements that are outright stupid (such as disabling SSL2 - seriously, who's got the resources to intercept and brute force that?!?) is invaluable.

An easier way to do it, incidentally, is to have SSL terminate at some form of load balancer equipment, meaning you only have to setup the SSL once. Off the top of my head, I think that a load balancer MIGHT be permitted to communicate unencrypted with a web server, provided that the web server and appendages are the only thing on that network segment/VLAN.

2 party credit card processing is where we grab the info and pass it across to paystation who then process it. Ideally we want 2.5 party where Master Card Secure Code and Verified by Visa are accepted but NZ is lagging in this area.

The problem we had is that a new SSL bug has affected all SSL 2,3 and TLS 1.0. Damn annoying because most of these issues are theoretical bugs however if they set up the test just right it can be achieved in real life. I think SSL is much better then no SSL...

1 | 2