For that matter: I have an Apache server, and I have trouble getting my mod_include to work. (got a deadline on friday, too...). I tried everything in the book, went step by step, re-compiled and re-started the server - nothing worked. How did you get yours to work correct? Can you either give me a good reference or some advice?
I am just starting to work with security myself, but I hope this help you start.
In order to conduct secure transactions you need to buy a digital certificate from VeriSign, for (correct me if I am wrong) $200-400. [They have two levels of encryption (40 and 128 bit).] Is's like your id, telling people that this site is approved, registered and able to conduct secure transactions. If you don't want to buy a certificate you can host your site with a company who has a certificate, and you can share it.
When you want to obtain a digital certificate from veriSign they check if your company is legitimate, and some other legal things. If you want more information on that, you should check out https://www.verisign.com/cgi-bin/cle...0013000&email= . The guide explains the why's, how's and when's.