Third Party SSL Certificate Authorities

Open Directory - Computers: Security: Public Key Infrastructure: PKIX: Tools and Services: Third Party Certificate Authorities

CAcert - A community driven certificate authority that issues certificates to the public at large for free.

Comodo - Provider of 128-bit certificates and various other security related products.

Digicert - Certificate authority offering a range of services including PKI and a seal program.

Digi-Sign - Bulk vendor of 128-bit certificates offering PKI and verification services.

Digital Signature Trust Co. - DST was the first CA to be licensed in the U.S. DST provides PKI-based digital certificate services and electronic commerce solutions for commercial and government clients. DST creates the trust that enables organizations to fully benefit from electronic commerce.

Ebizid - Certificate authority offering 128 and 256 bit certificates. Also a provider of various security products including validation and vulnerability testing.

Enterprise SSL - Provider of wildcard and single domain 128-bit Comodo SSL warranted certificates for web servers.

Entrust.net - Subsidiary of Entrust, Inc. Sells digital certificates that enable Web servers to establish Secure Sockets Layer (SSL) sessions.

GeoTrust - Vendor of SSL certificates that features an identity verification program.

GlobalSign - The Leading European Trusted Network of Certification Authorities.

LiteSSL - Provides secure 128/256 bit ssl digital certificates.

Network Solutions: SSL Certificates - Offer digital certificate services and secure seal schemes for websites.

Pink Roccade PKI - Netherlands based reseller of Verisign certificates.

ProntoSSL - Reseller of 128Bit QuickSSL Premium, RapidSSL and Geotrust Verified Domain Certificates.

QualitySSL - A Denmark based provider of 128 bit certificates and identity assurance products.

Rapid SSL - Provider of 256 bit single root install SSL Certificates.

Secure SSL - Provider of Comodo 128 bit SSL certificates and web identity services.

SimpleAuthority certification authority - A free certification authority that can be used to generate keys and certificates for secure email, client and server SSL authentication, VPN access, etc.

SSL Certificate Management Site - Site allows users to create, download and store free SSL self-signed certificates.

SSL.com - Provider of wildcard, single and multi-year warranted 128-bit SSL certificates for web servers.

Thawte Digital Certificates - Global certification authority offering a range of SSL and code signing digital certificate products.

Trustwave - SSL certificates authority featuring 256 bit AES encryption.

The USERTRUST Network - A Public Key Infrastructure providing SSL Certificates and Digital Signatures.

VeriSign - SSL certificates, communications and content delivery, plus security consulting.

How can I force my site to add "www." before the URL if visitors don't enter it?

Zen Cart(tm) Tutorials and FAQs - How can I force my site to add "www." before...

Scenario:
Customer types in "example.com" when trying to enter your website.
In most cases this will let them get to your site fine.

BUT ... if you've configured your site to use "www.example.com" in all the URLs it generates, then the customer's next click will attempt to change the URL and (on some servers) may log them out if they were attempting login, etc. This is because of the way PHP session security works with setting a session cookie tied to a domain name, etc. The technical details can be read online elsewhere.

Also, in Internet Explorer, if you are using some fancy flyout CSS effects the addon script that drives this may not be "found" because of the change in domain name ... meaning that the menu won't work until the customer first does another click on your site.

There are a couple things to keep in mind to handle this:

1. Always be consistent in your use of your domain name. If you're going to use "www.example.com", be sure to use it exactly that way everywhere. Don't drop the "www." unless you do it consistently in all places.
2. In your SSL certificate, when you register one, you must specify a domain name. Again, be consistent. If you're using "www." in your URL, use it in your SSL certificate too.
3. Ensure that your hosting company has configured a "www." address as an alias to your domain name ... so that "both" will work -- otherwise visitors might get a "domain not found" error instead of your site.
4. If you are running on an Apache webserver, you can set up a .htaccess rule to automatically add the "www." into the URL if the customer forgets to include it. The following is what you'd put in your .htaccess to accomplish this:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^example.com$
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]

--------------------
How to Remove the WWW Prefix from Your Domain Names Using Apache's mod_rewrite

To redirect any URL starting with (say) www.example.com to example.com, add the following code to your .htaccess file.

RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.example\.com$ [NC]
RewriteRule ^(.*)$ http://example.com/$1 [R=301,L]

The above rules checks if the hostname in a URL contains www.example.com. If it does, the visitor is sent to example.com instead.

To use the rule, change all instances of "example.com" to your actual domain name. For the line beginning with RewriteCond, add a backslash ("\") before each of the full stops (or "periods") in your domain name.