Solved

https encryption and certificate

Posted on 2007-03-30
4
168 Views
Last Modified: 2008-02-01
On a jsp paysite, I have checked that the site using running SSL as it's https and I have checked the certificate information, is there anything else I can check security wise before makign a payment, I'm talking what I can test from the jsp site itself.
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 30

Expert Comment

by:Mayank S
ID: 18825731
Sounds good. Are you going to ask the user for credit card information?
0
 
LVL 3

Author Comment

by:pma111
ID: 18834765
Yeah it does pass such information, or once it goes live it will.
0
 
LVL 3

Author Comment

by:pma111
ID: 18939507
I cant really accept mayankeagle answer as a solution, I was hoping for a bit more info on what could be initially tested....
0
 
LVL 30

Accepted Solution

by:
Mayank S earned 250 total points
ID: 19047217
From a security standpoint, you look good. Make sure that you do not store the credit card number. You can store username/ password in an encrypted format (use one-way hashing for the password). Also make sure you use some clustering/ fault tolerant architecture to ensure your system is highly available. There isn't really much info in your question, so I'm not sure what server you are using. Here is a guide on Tomcat clustering:

http://tomcat.apache.org/tomcat-5.5-doc/cluster-howto.html
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Gain an elementary understanding of Blockchain technology.
We take a look at some of the most common obstacles that IT teams run into as they work relentlessly to keep all the alarms and sirens from going off at once.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question