Solved

https encryption and certificate

Posted on 2007-03-30
4
166 Views
Last Modified: 2008-02-01
On a jsp paysite, I have checked that the site using running SSL as it's https and I have checked the certificate information, is there anything else I can check security wise before makign a payment, I'm talking what I can test from the jsp site itself.
0
Comment
Question by:pma111
  • 2
  • 2
4 Comments
 
LVL 30

Expert Comment

by:Mayank S
ID: 18825731
Sounds good. Are you going to ask the user for credit card information?
0
 
LVL 3

Author Comment

by:pma111
ID: 18834765
Yeah it does pass such information, or once it goes live it will.
0
 
LVL 3

Author Comment

by:pma111
ID: 18939507
I cant really accept mayankeagle answer as a solution, I was hoping for a bit more info on what could be initially tested....
0
 
LVL 30

Accepted Solution

by:
Mayank S earned 250 total points
ID: 19047217
From a security standpoint, you look good. Make sure that you do not store the credit card number. You can store username/ password in an encrypted format (use one-way hashing for the password). Also make sure you use some clustering/ fault tolerant architecture to ensure your system is highly available. There isn't really much info in your question, so I'm not sure what server you are using. Here is a guide on Tomcat clustering:

http://tomcat.apache.org/tomcat-5.5-doc/cluster-howto.html
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Starting your own business is always a daunting process, and for most people it is brand new experience. Avoid the common pitfalls by following these tips to start on the road to success.
When it comes to protecting Oracle Database servers and systems, there are a ton of myths out there. Here are the most common.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question