?
Solved

https encryption and certificate

Posted on 2007-03-30
4
Medium Priority
?
173 Views
Last Modified: 2008-02-01
On a jsp paysite, I have checked that the site using running SSL as it's https and I have checked the certificate information, is there anything else I can check security wise before makign a payment, I'm talking what I can test from the jsp site itself.
0
Comment
Question by:pma111
  • 2
  • 2
4 Comments
 
LVL 30

Expert Comment

by:Mayank S
ID: 18825731
Sounds good. Are you going to ask the user for credit card information?
0
 
LVL 3

Author Comment

by:pma111
ID: 18834765
Yeah it does pass such information, or once it goes live it will.
0
 
LVL 3

Author Comment

by:pma111
ID: 18939507
I cant really accept mayankeagle answer as a solution, I was hoping for a bit more info on what could be initially tested....
0
 
LVL 30

Accepted Solution

by:
Mayank S earned 1000 total points
ID: 19047217
From a security standpoint, you look good. Make sure that you do not store the credit card number. You can store username/ password in an encrypted format (use one-way hashing for the password). Also make sure you use some clustering/ fault tolerant architecture to ensure your system is highly available. There isn't really much info in your question, so I'm not sure what server you are using. Here is a guide on Tomcat clustering:

http://tomcat.apache.org/tomcat-5.5-doc/cluster-howto.html
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I came across an unsolved Outlook issue and here is my solution.
LinkedIn blogging is great for networking, building up an audience, and expanding your influence as well. However, if you want to achieve these results, you need to work really hard to make your post worth liking and sharing. Here are 4 tips that ca…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question