I am setting up a site that uses Paypal Pro and SOAP to do the transaction in ASP and I need to know as the site payment form resides on the clients website whether I should setup a SSL certificate on that particular page?

We have one that is ready to instal but have never done it before so any advice would be welcome.

The server is a dedicated Windows 2003 one and I have root access so there will be no phoning of hosts and waiting for instalations. Additionally he wants to store credit card details including end month, end year and CVV2 numbers, should I do this and have you any comments on security for encryption and decryption? I have a DLL file installed to encrypt the numbers to MD5 but am having trouble decrypting them when they are requested

Thanks in advance

Robbie