[cobalt-users] Off topic - kind of - SSL question

["Cobalt" <cobalt@xxxxxxxxxxxx>]

This is a bit off topic, but I thought there might be someone out there that
has the answer.

I am interested in offering secure ordering to my customers.  I have the
secure cert figured out and working.  The problem I am running into is the
email.  Once the order is sent with credit card information, it is not
encrypted.  Putting PGP on the server is out of the question due to cost.  I
have been playing with GnuPG but haven't been able to get it to work with
PGP  or a Windoze client to decrypt the message.

Question #1:  Does anyone have this working on a RAQ3? or have good
information on how to get it working?

Another option that I was thinking of was using PHP3 and MySQL.  I would
like the customer to order online via the secure connection and have the
ordering information stored in a MySQL database.  The customer could then go
to a secure web page and view the order information.

Question #2:  What are the security implications with doing it this way?  My
understanding that as long as you have a secure cert that any information
exchanged between the server and the client browser is encrypted/secure.  Is
this true?  Would there be any issues with the security of the MySQL
database?

Any help would be appreciated.  SSL is still pretty new to me, and it is
very important that it is 100% secure for ordering.

Thanks,
Scott