secure site

Discussion in 'ASP .Net' started by =?Utf-8?B?SklNLkgu?=, Mar 15, 2005.

  1. Hello,
    I had my connection string defined in web.config, now I want to have my
    asp.net application as a secure site with https://, how should I do this?
    Thanks,
    Jim.
     
    =?Utf-8?B?SklNLkgu?=, Mar 15, 2005
    #1
    1. Advertising

  2. =?Utf-8?B?SklNLkgu?=

    Scott Allen Guest

    Hi Jim:

    Using SSL (https) doesn't require any changes in the web.config.
    You'll need to get a certificate for your server, install it, and
    configure IIS to use SSL. There are a couple ways to get a free cert
    for testing (or permanent use, if this isn't an Internet site).

    Some details here:
    http://support.microsoft.com/kb/q298805/

    --
    Scott
    http://www.OdeToCode.com/blogs/scott/

    On Mon, 14 Mar 2005 17:05:05 -0800, JIM.H.
    <> wrote:

    >Hello,
    >I had my connection string defined in web.config, now I want to have my
    >asp.net application as a secure site with https://, how should I do this?
    >Thanks,
    >Jim.
     
    Scott Allen, Mar 15, 2005
    #2
    1. Advertising

  3. Hi Scott,
    Thanks for reply.
    1. If it is not a connection to SQL server, Where exactly SSL is in use?
    What part of web site is secured by SSL?
    2. Do I really need it, or it is only third part confirmation that the site
    is legitimate?
    3. Do you know a web site I can get free certificate?
    Thanks,
    Jim.


    "Scott Allen" wrote:

    > Hi Jim:
    >
    > Using SSL (https) doesn't require any changes in the web.config.
    > You'll need to get a certificate for your server, install it, and
    > configure IIS to use SSL. There are a couple ways to get a free cert
    > for testing (or permanent use, if this isn't an Internet site).
    >
    > Some details here:
    > http://support.microsoft.com/kb/q298805/
    >
    > --
    > Scott
    > http://www.OdeToCode.com/blogs/scott/
    >
    > On Mon, 14 Mar 2005 17:05:05 -0800, JIM.H.
    > <> wrote:
    >
    > >Hello,
    > >I had my connection string defined in web.config, now I want to have my
    > >asp.net application as a secure site with https://, how should I do this?
    > >Thanks,
    > >Jim.

    >
    >
     
    =?Utf-8?B?SklNLkgu?=, Mar 15, 2005
    #3
  4. =?Utf-8?B?SklNLkgu?=

    Scott Allen Guest

    Hi Jim:

    See inline

    On Tue, 15 Mar 2005 05:19:05 -0800, JIM.H.
    <> wrote:

    >Hi Scott,
    >Thanks for reply.
    >1. If it is not a connection to SQL server, Where exactly SSL is in use?
    >What part of web site is secured by SSL?


    Well, you can connect to SQL Server using SSL, but I was assuming you
    wanted the web site to require clients to use SSL. Typically you only
    need SSL between the application and SQL Server if the network path to
    the database is on an insecure network, otherwise it is just overhead.

    >2. Do I really need it, or it is only third part confirmation that the site
    >is legitimate?


    HTTPS has two purposes - it encrypts the traffic between the server
    and client so that noone can snoop on the data. A certificate also
    proves that the server is who it claims to be. Like I'd want to be
    sure the amazon.com web server is really amazon.com before I hand over
    my credit card information.

    >3. Do you know a web site I can get free certificate?
    >Thanks,


    Do you have a server version of Windows handy? If so, you can generate
    your own certificates for internal use and test. If you are building
    an internet site you'll have no choice but to buy a real certificate
    from a trusted authority. I don't know if any of them offer a free
    certificate, but I doubt it.

    >Jim.
    >
    >



    --
    Scott
    http://www.OdeToCode.com/blogs/scott/
     
    Scott Allen, Mar 15, 2005
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. A.M
    Replies:
    5
    Views:
    5,447
    Teemu Keiski
    Jun 8, 2004
  2. Daniel Malcolm
    Replies:
    0
    Views:
    557
    Daniel Malcolm
    Jan 24, 2005
  3. zdrakec
    Replies:
    1
    Views:
    437
    zdrakec
    Jul 25, 2005
  4. Joe
    Replies:
    5
    Views:
    961
    Steven Cheng[MSFT]
    Dec 13, 2005
  5. verbal kint
    Replies:
    1
    Views:
    552
    Sudsy
    Sep 4, 2004
Loading...

Share This Page