Hi all,
My company is developing a payment system which runs its pages from https. The plan is that our customers (who are online retailers) will be able to utilize the payment system from within their own sites inside an iframe.
Now Ive checked and it seems fine to have the payments pages served as an iframe running https, with the outside (retailers) page running http.
However, we would like to set it up such that the retailer could also serve their end of the payment pages (i.e. the pages that contain the iframe) as https also.
My question is: Is having the retailers page as https, with https payment screens inside an iframe (running a separate certificate), going to mess up the security or cause security warnings to appear from the browsers of people using the sites?
Thanks,
-Mark-