SSL certificates for "Base Reseller URL"?

[jtaugher]

I have a freelancer that could easily purchase an account with space from me, and I'd rather he design and use my hosting, than lure my clients away to some host he uses. Then of course, sell space for his own clients.

So, if I want to further "brand" my own control panel, if not much more than just the URL changing, I can do that on the HSPHERE "home" page under "Change Base Reseller URL" right?

I will also need an SSL certificate or two -- is that also right? If so, what type can I get for cheap?

Yes, you can change your CP URL from within your reseller control panel. You can change this without making it secure.

Vortech sells these 3 certificates:

Quick SSL: $89.00 per year
http://geotrust.com/web_security/quickssl.htm

Quick SSL Premium: $150.00 per Year
http://geotrust.com/web_security/quicksslpremium.htm

TrueBizID: $150.00 per Year
http://geotrust.com/web_security/truebusinessid.htm

All use 128 bit encryption and we do not offer or support Wildcard Certificates.

If you would like more information on SSL's please submit a trouble ticket to Sales.

[Brangwyn]

Quote:

So, if I want to further "brand" my own control panel, if not much more than just the URL changing, I can do that on the HSPHERE "home" page under "Change Base Reseller URL" right?

Right, you should probably be doing this already though so it's cp.servicedomain:8080 as thats part of the setup instructions for a reseller if you followed psofts documentation.

SSL theres been lots of discussion about round here, cheapest is a chained cert from ev1servers.net right now I think @ about $20

[Silverbug]

Quote:

Originally Posted by Brangwyn

SSL theres been lots of discussion about round here, cheapest is a chained cert from ev1servers.net right now I think @ about $20

I think they have gone up to $49 now

[Brangwyn]

Still says $19.95 on their website.

http://www.ev1servers.net/english/chainedssldetails.asp

[generic]

that's a chained ssl, not the Quick SSL they used to offer.

I must admin, even reading all I can, I still do not really understand the difference between the two.

Anyone explain it in simple terms?

Anyone use a chained here?

the GeoTrust QuickSSL Certificate (the one that used to be $19) did go up to $49 and you can get it here:

http://www.ev1servers.net/english/quickssldetails.asp

just done ever expect support, because geotrust will not provide support> If you buy it from EV1, you have to go to them, and the last time I called EV1 for support the tech could not answer a simple question about certs.

[Brian]

Quote:

Originally Posted by tracewebspace

that's a chained ssl, not the Quick SSL they used to offer.

I must admin, even reading all I can, I still do not really understand the difference between the two.

Anyone explain it in simple terms?

See if this article helps

What is a chained root SSL Certificate?

[Brian]

Quote:

Originally Posted by jtaugher

So, if I want to further "brand" my own control panel, if not much more than just the URL changing, I can do that on the HSPHERE "home" page under "Change Base Reseller URL" right?

If you login to your CP with your administrative account, you can go to the Look and Feel section. In there, you can edit the banner HTML. You can make the header section of your CP look *almost* identical to your website header. Sometimes you need to be a little creative, but for the most part, you can get a common look from your own website.

I actually got mine looking fairly decent, but I split the banner across the banner section, and the rest is an image in the "Logo Image URL" configuration setting.

You can also configure the "Signup Image URL", which is an image seen during the plan sign up (obviously...), and the "Login Image URL" is that big H-SPhere logo on your CP login page.

I didn't bother playing with the image base location...

Beyond the banner section, then you would modify the Design Settings, and configure a custom colour scheme. Use the colours on your own webpage as a guideline for what to use here. Play with them, and click Preview to see what changes what.

The other thing I did to make my setting a little more unique was I did not use the default value in the alias for the control panel. So rather than having http://cp.myresellerdomain.com:8080 I used http://whateveriwant.myresellerdomain:8080



Here are some notes that I have on customizing the look and feel:

Quote:

Step 1: Login to your Control Panel.
Go to the HSphere Admininistration Login.


1. In the Login edit box enter your user name.
2. In the Password edit box enter your password.


Step 2: Login to your Administrative account.

Click on the Login icon to login to your Administrative account.

NOTE: This step will be needed only for resellers. If you are not reseller move to Step 3.


Step 3: Enter the Look and Feel section of HSphere.


Click on the Look and Feel link in the navigation menu on the left.


Step 4: Edit your Image Settings within HSphere.

Note: These settings will appear within your HSphere administration, order forms and customer control panels.

1. Banner HTML Code: enter the HTML code for the banner you want to show up both in admin and your users control panels.
Tip: We recommend that this is a link to your Support Center for you customers to use. Example: yourdomain.webmastertoolkit.com

2. Show Copyright: toggle the button to show/hide the copyright notice in the top left corner of the window above the logo both in admin and user control panels.

3. Logo Image URL: enter the URL address of the image to show up in the top left corner of the window.
E.g.: http://www.yourdomain.com/images/logo.gif

4. Signup Image URL: enter the URL address of the image to show up in the left top corner of the windows for plan signup forms.
E.g.: http://www.yourdomain.com/images/signup.gif

5. Login Image URL: enter the URL address of the image to show up on right hand side of the login/logout page.
E.g.: http://www.yourdomain.com/images/login.gif

6. Click the Save button to save your settings.


Step 5: Enter the Design Settings within HSphere.

Click on the Design Settings link in the navigation menu on the left.


Step 6: Modify a Design.
Note: These Design Settings will become the default designs for your customer control panels.

1. From the Choose design drop down list choose design.
2. Click Modify button and move to Step 7.

To set the Base image directory or URL, click Change button at the bottom and the following form will appear:

1. In the Base image directory or URL edit box enter the base image directory or URL.
2. Click Submit Query button.

Important: your own custom images added to the H-Sphere interface can be lost with the new release update unless you put them into /home/cpanel/shiva/shiva-templates/common/IMAGES/


Step 7: Color Scheme Settings.
If you have clicked Modify button in the Step 6. the following form will appear:

1. To allow users to choose your design, click the ON/OFF button next to the Users can choose this design section, and set it to ON.
2. To set this design as a default, click the ON/OFF button next to the New users will get this design as default section, and set it to ON.
3. If you wnat to choose some other design, from the Choose another design drop down box choose the desired design.
4. Click Modify button.
5. From the Color scheme drop down box choose color schemes.
6. Click Apply button.
7. From the Image set drop down box choose image schemes.
8. Click Set button.

If you want, you can use schemes to create your own custom color schemes. Move to Step 8.Custom Color Settings to see how to do that.


Step 8.Custom Color Settings

1. In the edit box next to the description of color enter the custom color settings.
2. Click Save button to save your changes.
3. Click Reset button if you want to reset all changes.
4. Click Preview button if you want to preview the look of your design.

Notice: If you decide to return to one of the four standard designs all your custom configuration will be lost.

[Brangwyn]

Quote:

that's a chained ssl, not the Quick SSL they used to offer.

Yup, I did say chained cert though

Two types of cert basically, chained and root. virtually All browsers know how to recognise a root certificate these are the ones issued by the big boys, verisgn, microsoft etc (to see them in Internet Explorer go to tools -> internet options -> content then click the certificates button .. then select the trusted root certification authorities tab).

Following copied from a website, it explains the difference pretty well

What is the difference between a single root and a chained root SSL Certificate?
When connecting to a webserver over SSL, the visitor's browser decides whether or not to trust the website's SSL certificate based on which Certification Authority has issued the actual SSL certificate. To determine this, the browser looks at its list of trusted issuing authorities - represented by a collection of Trusted Root CA certificates added into the browser by the browser vendor (such as Microsoft and Netscape).

Most SSL certificates are issued by CAs who own and use their own Trusted Root CA certificates, such as those issued by GeoTrust. As GeoTrust is known to browser vendors as a trusted issuing authority, its Trusted Root CA certificate has already been added to all popular browsers, and hence is already trusted. These SSL certificates are known as "single root" SSL certificates. See the sample (Equifax became GeoTrust in 2001.

For a Certification Authority to have its own Trusted Root CA certificate already present in browsers is a clear sign that they are long-time, stable and credible organizations who have long term relationships with the browser vendors (such as Microsoft and Netscape) for the inclusion of their Trusted Root CA certificates. For this reason, such CAs are seen as being considerably more credible and stable than chained root certificate providers who do not have a direct relationship with the browser vendors. You can view the Certification Authorities who have their own root certificates by viewing the list in your browser.

As well as issuing SSL Certificates the Trusted Root CA certificate can be used to create another certificate, which in turn will then be used to issue SSL Certificates. As the Intermediate or Chained Certificate is issued by the Trusted Root CA, any SSL Certificates issued by the Intermediate Certificate inherit the trust of the Trusted Root - effectively creating a certification chain of trust. It is highly unlikely that you will encounter any problems when using chained certificates.

Do I require a single root or chained root SSL certificate?
Single root certificates are issued directly by a Trusted Root CA certificate e.g. GeoTrust. The Trusted Root CA certificate is already contained within all popular browsers, and hence is already trusted. This type of certificate has the greatest browser recognition.

If you have a low volume website and you decide that your customer's confidence is not affected at all by the brand behind the SSL certificate or the volume of customers that would have an issue are insignificant in number then Chained SSL is the perfect answer. It is all about customer confidence. Whilst Chained SSL technology is production grade, only you can really determine whether your customers confidence will improve significantly if you purchase an established brand like GeoTrust.

As a guide, typical customer transaction value is sub $50 and volumes of transactions are less than 50 per week. Please Note: The 50 per week example figure is simply a commercial guide and not a technical restriction. Technically the Chained SSL certificate will not be restricted from conducting more transactions than 50 - they are still industry standard 128 bit SSL certificates. However it is our opinion that sites conducting more than 50 transactions will require a Professional Level SSL certificate.

[Carly]

You have to be careful with the custom cp images when you add an SSL. There's no where to upload the images for the cp.yourdomain.com that the SSL would have to be purchased for (that I know of anyhow) so you'd have to have a separate SSL for either the site itself (yourdomain.com) or load your images from another secured site. It will work of course if you leave it like it is, it will just throw those warning messages about not all items on the page are secure.

[mresell]

As I understand it main issues w/ chained and regular certs are mainly browser recognition, security and since you have a "middle-man" cost or other issues COULD change unexpectedly.

[mresell]

Quote:

Originally Posted by Brian

The other thing I did to make my setting a little more unique was I did not use the default value in the alias for the control panel. So rather than having http://cp.myresellerdomain.com:8080 I used http://whateveriwant.myresellerdomain:8080

What is the advantage to using a diff url for control panel, other than choice? You still need 2 certs if you want to minimize chances for an alert message. One for cp and one for your images.

After looking at the freessl certs I can't see a real diff in that and geotrust quickssl. The quickssl doesn't give much,but a little prestige (for people who know or care about ssl certs) and slightly better compatibility. Since freessl owns the root I don't think it has some of the chained issues like comodo. Other than a very small percentage of browsers having issues (which happens anyways for various reasons)...not til you get a certain level of business. Unless there is a problem installing or using them. If you looking at $100 for a cp and image directory or $40, plus reoccurring there should be a good reason. You can always upgrade later. All most people care about is whether something is 128-bit encrypted. Has anybody had problems with the freessl chained certs?

[jtaugher]

I enabled the temporary certificate, and it's now been encrypted for a few weeks. Sure it does bring attention that the certificate is:

"The security certificate was issued by a company you have not chosen to trust. View the certificate whether you want to trust the certifying authority"

Yet, the following are both CHECKED:

* The security certificate date is valid.

* The security certificate has a valid name matching the name of the page you are trying to view.

That works enough for me. If I customers/freelancers/other resellers who need a little space to host a website or two, they won't mind that error message.

[Brian]

Quote:

Originally Posted by mresell

What is the advantage to using a diff url for control panel, other than choice?

You are right - there is not an advantage from an SSL point of view... but I was just offering suggestions to part of the initial question about branding a reseller site and just pointing out that you don't have to use the default alias for the control panel.