I suggest you ...

Custom SSL Certificate

Allow custom SSL certificates to be installed for RS domains. When a customer goes to https://yourRSportal.yourdomain.com an error is displayed because the SSL certificate does not match the domain. This is also an issue for the Vantiv integrated payments if a customer uses our customer portal link the site does not show that it is SSL protected and there is currently no "secure payment" badged on the Vantiv payment page when a customer clicks "Pay With Credit Card".

48 votes
Vote
Sign in
(thinking…)
Sign in with: facebook google
Signed in as (Sign out)
You have left! (?) (thinking…)
Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

12 comments

Sign in
(thinking…)
Sign in with: facebook google
Signed in as (Sign out)
Submitting...
  • Gazo commented  ·   ·  Flag as inappropriate

    Yes please - for consistent branding and avoiding the dreaded SSL name mismatch errors that customers see. We spout "security" all the time to clients, then they see we use a security feature that looks poorly setup.

  • luke commented  ·   ·  Flag as inappropriate

    Hello, I would really like to see this implemented. I would like to avoid directing customers to whatever.repairshopr.com - and would instead like to keep branding consistent, while have a valid SSL cert!

  • Anonymous commented  ·   ·  Flag as inappropriate

    This obviously doesn't hide the RepairShopr.com web address from the end user, but what about doing a 302 Redirect for the time being? i.e. setup repairshop.mycompany.com on your own host and have that host do a 302 redirect to mycompany.repairshopr.com. The links you send your clients could still have your branding on them, but their web browser would seamlessly redirect them to the secure page at the repairshopr.com domain. No SSL errors. True the client would see the RepairShopr.com domain name in the URL bar, but the truth is as long as they are not getting an SSL error I'm willing to be 50% or more of the people that use your link will ever notice the URL on the page they are looking at. If someone actually notices most won't care... and those that do and happen to ask just tell them yeah, that's the software you use and that yes that's legitimate. At least until custom SSLs are available :)

  • Daniel Koster commented  ·   ·  Flag as inappropriate

    @Dan - a wildcard SSL is already implimented. But as @Rob pointed out, it doesn't help for anyone using a CName to make the interface appear as *.YourDomain.com instead of *.RepairShopr.com.

    The only solution is to direct payments to the actual RepairShopr address until such time that RS can allow custom SSL certificates. A multi-domain SSL should work as well but that would be a nightmare for RS to manage so I can see why they are reluctant to do that.

  • Rob commented  ·   ·  Flag as inappropriate

    @Dan

    Wildcard certificate isn't the whole answer here. We're using our own domains repairshopr.mycompany.com and rerouting that to mycompany.repairshopr.com

    We need a solution where when a customer receives a link from us that points them to repairshopr.mycompany.com and then gets rerouted to mycompany.repairshopr.com it maintains the secure chain. The reason it fails right now is because the browser sees repairshopr.mycompany.com but it's actually at a repairshopr server. Repairshopr can't just implement an SSL certificate that references OUR domains and we can't just implement an SSL certificate that references THEIR servers.

    tl;dr it's complicated and wildcard certificates do not solve the problem. not fully anyway.

  • Alfredo commented  ·   ·  Flag as inappropriate

    Agreed, Many customers bring this up when paying online, please help resolve!

  • Rob commented  ·   ·  Flag as inappropriate

    With all of the security hoopla in the news as of late, this is becoming to be a huge deal for our clients.

Feedback and Knowledge Base