Good Day To All, System Config: Windows Server 2003 PHP 5.2 I'm hoping someone can help give me a high level understanding between the differences between an SSL certificate installed on my webserver and an SSL module (e.g. OpenSSL) installed on my web server. 1. My current understanding is that the SSL certificate installed on my webserver will encrypt data coming from and going to a client web browser if the protocol is HTTPS. So, if on a checkout form at my web store the url begins with https, then credit card info, etc. will be encrypted and considered safe from sniffers, etc. Is this correct? 2. I become fuzzy then for the need or proper use of an SSL module (let's just go with OpenSSL). Specifically, my current webstore has VeriSign's Payflow Pro API installed on the webserver, and I have written a class that sends payment requests to VeriSign by using the Payflow Pro as a COM object. However, this is very slow (taking 30 seconds per transaction). Recently my company purchased X-Cart Shopping cart software and I am trying to get this configured to use our Payflow Pro account using XMLPay. However, I keep getting an error that no SSL module could be located for secure transactions. So, why do I need an SSL module if I am submitting transaction data to an HTTPS url? PHP is configured with OpenSSL support (v0.9.8d), I assume this just means OpenSSL functions are available, but I still need to install OpenSSL on my webserver? Any clarification would be much appreciated. Thank you. Ken Vandegrift kvandegrift@xxxxxxxxxx <mailto:kvandegrift@xxxxxxxxxx> Web Administrator Sharis Mgmt. Corp
