SSL question


Hi everyone,

I have a vb.net web appliation that has a few pages that need to be viewed via SSL (to protect the users data).

I've never had to do this before, so I'm hoping some of you have? Here are a few questions:

1. Does the SSL certificate protect the whole site, if the pages are called via 'https'?

2. Can you protect just one directory within your application & then call those pages via 'https'?

3. By calling pages via 'https, is this how the SSL layer takes over (obviously after it is installed correctly on the web server and application)...

I guess just a nice quick summary of how this works will get me a long way... As stated, I only have a handful of pages that will need to be incrypted.

Any help would be greatly appreciated.

P.S. Has anyone used the 'Go Daddy' SSL certificates?

Thanks

..:: Bare ::..



Also, if you purchase an SSL Certificate for your domain name... how are you able to install and test and SSL certificate on your local development machines, to ensure all is working before moving to production?  Are there such things as internal testing certificates???

Pardon the questions... haven't done this before...

..:: Bare ::..



SSL is only actuated by using the https:// prefix.  If you have SSL set up for a domain, if someone types https:// they will get to the site without security.  The only way around this is for your web application to dynamically check the URL being viewed, and force a redirect to https:// or https:// depending on what's required on a page-by-page basis.  This dynamic redirection needs to be done very carefully to avoid infinite loops, however.

As far as testing.  Microsoft provides a free SSL certificate creator that will attach an SSL certificate to a local site.  I forget what the software's called (dev laptop is in new house I'm moving to or I'd look for the file).  It's a little quirky, but does the job once you figure out how to use it.


Al Bsharah: Twitter / Blog
Aholics.com:

That is the information that I needed.

Thanks, Al!

..:: Bare ::..



Bare (7/3/2005)
That is the information that I needed.

Thanks, Al!

Hi Bare,

A great tutorial for setting up a localhost SSL cert can be found at...
https://www.xenocafe.com/tutorials/self_signed_cert_IIS/self_signed_cert_IIS-part1.php

I've used this several times and can confirm the process works. We use https://www.instantssl.com/ (nice name) for our live certificates.

Hope this helps a little :)

http://www.instantasp.co.uk/images/line.gif
Kindest Regards,

Ryan Healey



ryan@instantasp.co.uk
www.instantasp.co.uk
Blog | Community | Docs

http://www.instantasp.co.uk/core/assets/images/email/facebook.png http://www.instantasp.co.uk/core/assets/images/email/twitter.png http://www.instantasp.co.uk/core/assets/images/email/google.png http://www.instantasp.co.uk/core/assets/images/email/linkedin.png


It helps a lot..

Thanks so much...

What a cool forum... So many professional people here.. willing to help out.. awesome!!

..:: Bare ::..



Also, the Microsoft version that someone referenced is called the IIS Resources Kit which includes a bunch of programs, one being SelfSSL which allows you to create ssl certs on your local machine.

yes..an ssl certificate protect all directories. under one domain..if are accessed through that https...address.....other then....it can be not....
go for godaddy.com they are the best in that service..

Bare (01/07/2005)
Hi everyone,

I have a vb.net web appliation that has a few pages that need to be viewed via SSL (to protect the users data).

I've never had to do this before, so I'm hoping some of you have? Here are a few questions:

1. Does the SSL certificate protect the whole site, if the pages are called via 'https'?

2. Can you protect just one directory within your application & then call those pages via 'https'?

3. By calling pages via 'https, is this how the SSL layer takes over (obviously after it is installed correctly on the web server and application)...

I guess just a nice quick summary of how this works will get me a long way... As stated, I only have a handful of pages that will need to be incrypted.

Any help would be greatly appreciated.

P.S. Has anyone used the 'Go Daddy' SSL certificates?

Thanks

GO

Login
Existing Account
Email Address:


Password:


Social Logins

Select a Forum....







InstantASP Forums


Search