I'm creating a first ever store. This is dealing with only the security of my site (https://) and not the payment. Yes I will be accepting credit card info and saving it in a database. I'm using Zen Cart.

This is what i understand.
1. I have to buy a secure 128 bit certificate from someone like Verisign. (Let me know if there are others). Are there price differences depending from who you buy? Does price difference mean lesser/greater security?

2. I take this certificate (is it a file?) and install (just upload it?) it on my server (which directory?)

3. And thats about it. (Is there anything else?)

4. Are these security certificates universal, meaning, I can buy from anyone and it would all work on any host? Or, do i have to talk with my host and see if they are supported or unsupported?

How about i stop with that, for now.

Thanks!