Australia
Experience: Advanced
Platform: NinjaTrader, Multicharts
Trading: Spot Forex, Gold, Silver
Posts: 176 since Oct 2010
Thanks Given: 114
Thanks Received: 114
|
I am writing an app for tablets and smartphones as an hobby project and I am not a professional coder so please excuse the simple/noob questions!
The app will connect to an website and use a REST API to sync data across devices. I am also developing the website on my own. I have got a simple Web API running and I can do GET, PUT etc from my app. It's all in HTTP plain text at the moment.
- What is the best practice to encrypt the comms between clients and the web server? Is an SSL certificate the way to proceed?
- I registered the website under my own name and used the whois privacy option to hide the details from the public. So will I have issues with obtaining an SSL cert for a domain that is registered to an individual? Do I have to remove whois privacy for the SSL provider to do due diligence before issuing the cert?
- Can I do all this instead with a self-issued certificate? The website will only be used for pointing the users to the mobile applications.
|