We have are adding eCommerce functionality to our existing website hosted at Network Solutions. The entire process has been a nightmare. We are using Authorize.net as the payment gateway. We are collecting credit card information from the user and sending it to the server over https using an ajax call which in turn posts that info to Authorize.net. A response is then sent back to the client indicating success or fail. Pretty straight forward. When the site is scanned by the pci compliance company we are getting back the following error. Disable TLS/SSL support for weak ciphers Configure the server to disable support for weak ciphers. For Microsoft IIS web servers, see Microsoft Knowledgebase article 245030 for instructions on disabling weak ciphers. Speaking with Netsol they said our current ssl certificate will not pass pci compliance and that they will not disable support for weak ciphers as the recommended solution suggests. They did however suggest we upgrade to one of their eCommerce packages. No thanks. The question is, if we transfer our site to Winhost will this same problem still exists. Is there a certain type of ssl certificate needed? What do you suggest to accept credit cards for a very small eCommerce website.