I have developed web forms including login by using ASP.NET via HTTP.
Now I want to secure the connection from client to the server via HTTPS.
How can I configure the server or something else to make the change?
Thank you
David
14  3021 
David,
First, you'll need an SSL certificate installed in IIS. Once it's
installed and configured, you should be able to reach the site through
https.
Now, you don't really configure the page to be used with https. What
you'll need to do with a login form is, see if the protocol being used is
http or https. If it's https, simply do a quick redirect to the login page
again, but this time do it through https.
You can test if you're using https connection by checking the value
of the Response.ServerVariables["HTTP"] collection. If the value is ON it's
using https. If it's off it's just using HTTP. Do a quick test for this and
redirect and you should be all set.
If you want to ensure that the entire site is secured you could also
write an httpmodule that checks each request to ensure the protocol is https
and redirects as needed otherwise.
(full list of servervariables at: http://msdn.microsoft.com/library/de...ba2c253006.asp)
Hope this helps,
Mark Fitzpatrick
Microsoft MVP - FrontPage
"david" <da***@discussions.microsoft.com> wrote in message
news:3C**********************************@microsof t.com... I have developed web forms including login by using ASP.NET via HTTP.
Now I want to secure the connection from client to the server via HTTPS.
How can I configure the server or something else to make the change?
Thank you
David
David,
Go to the IIS management Console, open your application property, Directory
Security tab. If your have an SSL certificate installed, you will have the
Secure communications group panel enabled. That is the place.
Eliyahu
"david" <da***@discussions.microsoft.com> wrote in message
news:3C**********************************@microsof t.com... I have developed web forms including login by using ASP.NET via HTTP.
Now I want to secure the connection from client to the server via HTTPS.
How can I configure the server or something else to make the change?
Thank you
David
The following from http://support.microsoft.com/?kbid=324069
Configuring Your Web Server for SSL
To enable SSL in IIS, you must first obtain a certificate that is used to
encrypt and decrypt the information that is transferred over the network.
IIS includes its own certificate request tool that you can use to send a
certificate request to a certification authority. This tool simplifies the
process of obtaining a certificate. If you use Apache, you must obtain the
certificate manually.
In both IIS and Apache, you receive a certificate file from the
certification authority, which you must configure on the computer. Apache
reads the certificate from its source file by using the SSLCACertificateFile
directive. However, in IIS, you can configure and manage certificates by
using the Directory Security tab of the Web site or folder properties.
You can migrate certificates from Apache to IIS; however, Microsoft
recommends that you re-create or obtain a new certificate for IIS.
Configure Folder or Web Site to Use SSL/HTTPS
This procedure assumes that your site has already has a certificate assigned
to it. 1. Log on to the Web server computer as an administrator.
2. Click Start, point to Settings, and then click Control Panel.
3. Double-click Administrative Tools, and then double click Internet
Services Manager.
4. Select the Web site from the list of different served sites in the
left pane.
5. Right-click the Web site, folder, or file for which you want to
configure SSL communication, and then click Properties.
6. Click the Directory Security tab.
7. Click Edit.
8. Click Require secure-channel (SSL) if you want the Web site,
folder, or file to require SSL communications.
9. Click Require 128-bit encryption to configure 128-bit (instead of
40-bit) encryption support.
10. To allow users to connect without supplying their own certificate,
click Ignore client certificates.
Alternatively, to allow a user to supply their own certificate, use
Accept client certificates.
11. To configure client mapping, click Enable client certificate
mapping, and then click Edit to map client certificates to users.
If you configure this functionality, you can map client certificates
to individual users in Active Directory. You can use this functionality to
automatically identify a user according to the certificate they supplied
when they access the Web site. You can map users to certificates on a
one-to-one basis (one certificate identifies one user) or you can map many
certificates to one user (a list of certificates is matched against a
specific user according to specific rules. The first valid match becomes the
mapping).
12. Click OK.
"david" <da***@discussions.microsoft.com> wrote in message
news:3C**********************************@microsof t.com... I have developed web forms including login by using ASP.NET via HTTP.
Now I want to secure the connection from client to the server via HTTPS.
How can I configure the server or something else to make the change?
Thank you
David
Under Secure Communication Click on Edit is you are using Win2k3
If Edit is Grayed out then Click on Server Certificate and install the
Certificate first.
ETc...
SA
"david" <da***@discussions.microsoft.com> wrote in message
news:3C**********************************@microsof t.com... I have developed web forms including login by using ASP.NET via HTTP.
Now I want to secure the connection from client to the server via HTTPS.
How can I configure the server or something else to make the change?
Thank you
David
Thank you for all of you.
I did go to the Internet Services Manager and did the following:
1. Click Directory Secure tab
2. Three three choices for me, but one is gray (disabled).
(1) Edit for Anonymous access and authentication control
(2) Edit for IP address and domain name ..
(3) Secure communications: disabled (gray)
In this case, it seems that I have enable Secure Communication first. How to
do it?
Thanks
David
"MSDN" wrote: The following from http://support.microsoft.com/?kbid=324069
Configuring Your Web Server for SSL
To enable SSL in IIS, you must first obtain a certificate that is used to
encrypt and decrypt the information that is transferred over the network.
IIS includes its own certificate request tool that you can use to send a
certificate request to a certification authority. This tool simplifies the
process of obtaining a certificate. If you use Apache, you must obtain the
certificate manually.
In both IIS and Apache, you receive a certificate file from the
certification authority, which you must configure on the computer. Apache
reads the certificate from its source file by using the SSLCACertificateFile
directive. However, in IIS, you can configure and manage certificates by
using the Directory Security tab of the Web site or folder properties.
You can migrate certificates from Apache to IIS; however, Microsoft
recommends that you re-create or obtain a new certificate for IIS.
Configure Folder or Web Site to Use SSL/HTTPS
This procedure assumes that your site has already has a certificate assigned
to it. 1. Log on to the Web server computer as an administrator.
2. Click Start, point to Settings, and then click Control Panel.
3. Double-click Administrative Tools, and then double click Internet
Services Manager.
4. Select the Web site from the list of different served sites in the
left pane.
5. Right-click the Web site, folder, or file for which you want to
configure SSL communication, and then click Properties.
6. Click the Directory Security tab.
7. Click Edit.
8. Click Require secure-channel (SSL) if you want the Web site,
folder, or file to require SSL communications.
9. Click Require 128-bit encryption to configure 128-bit (instead of
40-bit) encryption support.
10. To allow users to connect without supplying their own certificate,
click Ignore client certificates.
Alternatively, to allow a user to supply their own certificate, use
Accept client certificates.
11. To configure client mapping, click Enable client certificate
mapping, and then click Edit to map client certificates to users.
If you configure this functionality, you can map client certificates
to individual users in Active Directory. You can use this functionality to
automatically identify a user according to the certificate they supplied
when they access the Web site. You can map users to certificates on a
one-to-one basis (one certificate identifies one user) or you can map many
certificates to one user (a list of certificates is matched against a
specific user according to specific rules. The first valid match becomes the
mapping).
12. Click OK.
"david" <da***@discussions.microsoft.com> wrote in message
news:3C**********************************@microsof t.com...I have developed web forms including login by using ASP.NET via HTTP.
Now I want to secure the connection from client to the server via HTTPS.
How can I configure the server or something else to make the change?
Thank you
David
Hi, Mark.
Where to get and how to instal SSL certificate in IIS?
David
"Mark Fitzpatrick" wrote: David,
First, you'll need an SSL certificate installed in IIS. Once it's
installed and configured, you should be able to reach the site through
https.
Now, you don't really configure the page to be used with https. What
you'll need to do with a login form is, see if the protocol being used is
http or https. If it's https, simply do a quick redirect to the login page
again, but this time do it through https.
You can test if you're using https connection by checking the value
of the Response.ServerVariables["HTTP"] collection. If the value is ON it's
using https. If it's off it's just using HTTP. Do a quick test for this and
redirect and you should be all set.
If you want to ensure that the entire site is secured you could also
write an httpmodule that checks each request to ensure the protocol is https
and redirects as needed otherwise.
(full list of servervariables at:
http://msdn.microsoft.com/library/de...ba2c253006.asp)
Hope this helps,
Mark Fitzpatrick
Microsoft MVP - FrontPage
"david" <da***@discussions.microsoft.com> wrote in message
news:3C**********************************@microsof t.com...I have developed web forms including login by using ASP.NET via HTTP.
Now I want to secure the connection from client to the server via HTTPS.
How can I configure the server or something else to make the change?
Thank you
David
I mean I need to enable Secure Communication first.
David
"david" wrote: Thank you for all of you.
I did go to the Internet Services Manager and did the following:
1. Click Directory Secure tab
2. Three three choices for me, but one is gray (disabled).
(1) Edit for Anonymous access and authentication control
(2) Edit for IP address and domain name ..
(3) Secure communications: disabled (gray)
In this case, it seems that I have enable Secure Communication first. How to
do it?
Thanks
David
"MSDN" wrote:
The following from http://support.microsoft.com/?kbid=324069
Configuring Your Web Server for SSL
To enable SSL in IIS, you must first obtain a certificate that is used to
encrypt and decrypt the information that is transferred over the network.
IIS includes its own certificate request tool that you can use to send a
certificate request to a certification authority. This tool simplifies the
process of obtaining a certificate. If you use Apache, you must obtain the
certificate manually.
In both IIS and Apache, you receive a certificate file from the
certification authority, which you must configure on the computer. Apache
reads the certificate from its source file by using the SSLCACertificateFile
directive. However, in IIS, you can configure and manage certificates by
using the Directory Security tab of the Web site or folder properties.
You can migrate certificates from Apache to IIS; however, Microsoft
recommends that you re-create or obtain a new certificate for IIS.
Configure Folder or Web Site to Use SSL/HTTPS
This procedure assumes that your site has already has a certificate assigned
to it. 1. Log on to the Web server computer as an administrator.
2. Click Start, point to Settings, and then click Control Panel.
3. Double-click Administrative Tools, and then double click Internet
Services Manager.
4. Select the Web site from the list of different served sites in the
left pane.
5. Right-click the Web site, folder, or file for which you want to
configure SSL communication, and then click Properties.
6. Click the Directory Security tab.
7. Click Edit.
8. Click Require secure-channel (SSL) if you want the Web site,
folder, or file to require SSL communications.
9. Click Require 128-bit encryption to configure 128-bit (instead of
40-bit) encryption support.
10. To allow users to connect without supplying their own certificate,
click Ignore client certificates.
Alternatively, to allow a user to supply their own certificate, use
Accept client certificates.
11. To configure client mapping, click Enable client certificate
mapping, and then click Edit to map client certificates to users.
If you configure this functionality, you can map client certificates
to individual users in Active Directory. You can use this functionality to
automatically identify a user according to the certificate they supplied
when they access the Web site. You can map users to certificates on a
one-to-one basis (one certificate identifies one user) or you can map many
certificates to one user (a list of certificates is matched against a
specific user according to specific rules. The first valid match becomes the
mapping).
12. Click OK.
"david" <da***@discussions.microsoft.com> wrote in message
news:3C**********************************@microsof t.com...I have developed web forms including login by using ASP.NET via HTTP.
Now I want to secure the connection from client to the server via HTTPS.
How can I configure the server or something else to make the change?
Thank you
David
Are you using XP?
Under secure communication do you see Server Certificate... Button
You need to go through the wizard and install a certificate.
SA
"david" <da***@discussions.microsoft.com> wrote in message
news:9B**********************************@microsof t.com... Thank you for all of you.
I did go to the Internet Services Manager and did the following:
1. Click Directory Secure tab
2. Three three choices for me, but one is gray (disabled).
(1) Edit for Anonymous access and authentication control
(2) Edit for IP address and domain name ..
(3) Secure communications: disabled (gray)
In this case, it seems that I have enable Secure Communication first. How
to
do it?
Thanks
David
"MSDN" wrote:
The following from http://support.microsoft.com/?kbid=324069
Configuring Your Web Server for SSL
To enable SSL in IIS, you must first obtain a certificate that is used to
encrypt and decrypt the information that is transferred over the network.
IIS includes its own certificate request tool that you can use to send a
certificate request to a certification authority. This tool simplifies
the
process of obtaining a certificate. If you use Apache, you must obtain
the
certificate manually.
In both IIS and Apache, you receive a certificate file from the
certification authority, which you must configure on the computer. Apache
reads the certificate from its source file by using the
SSLCACertificateFile
directive. However, in IIS, you can configure and manage certificates by
using the Directory Security tab of the Web site or folder properties.
You can migrate certificates from Apache to IIS; however, Microsoft
recommends that you re-create or obtain a new certificate for IIS.
Configure Folder or Web Site to Use SSL/HTTPS
This procedure assumes that your site has already has a certificate
assigned
to it. 1. Log on to the Web server computer as an administrator.
2. Click Start, point to Settings, and then click Control Panel.
3. Double-click Administrative Tools, and then double click
Internet
Services Manager.
4. Select the Web site from the list of different served sites in
the
left pane.
5. Right-click the Web site, folder, or file for which you want to
configure SSL communication, and then click Properties.
6. Click the Directory Security tab.
7. Click Edit.
8. Click Require secure-channel (SSL) if you want the Web site,
folder, or file to require SSL communications.
9. Click Require 128-bit encryption to configure 128-bit (instead
of
40-bit) encryption support.
10. To allow users to connect without supplying their own
certificate,
click Ignore client certificates.
Alternatively, to allow a user to supply their own certificate, use
Accept client certificates.
11. To configure client mapping, click Enable client certificate
mapping, and then click Edit to map client certificates to users.
If you configure this functionality, you can map client
certificates
to individual users in Active Directory. You can use this functionality
to
automatically identify a user according to the certificate they supplied
when they access the Web site. You can map users to certificates on a
one-to-one basis (one certificate identifies one user) or you can map
many
certificates to one user (a list of certificates is matched against a
specific user according to specific rules. The first valid match becomes
the
mapping).
12. Click OK.
"david" <da***@discussions.microsoft.com> wrote in message
news:3C**********************************@microsof t.com... >I have developed web forms including login by using ASP.NET via HTTP.
> Now I want to secure the connection from client to the server via
> HTTPS.
> How can I configure the server or something else to make the change?
>
> Thank you
>
> David
Thank you.
I use Win2k. Al three options for Secure Communication are gray out. So waht
can I do?
David
"MSDN" wrote: Under Secure Communication Click on Edit is you are using Win2k3
If Edit is Grayed out then Click on Server Certificate and install the
Certificate first.
ETc...
SA
"david" <da***@discussions.microsoft.com> wrote in message
news:3C**********************************@microsof t.com...I have developed web forms including login by using ASP.NET via HTTP.
Now I want to secure the connection from client to the server via HTTPS.
How can I configure the server or something else to make the change?
Thank you
David
I use Windows Server 2000.
The server Certificate is grayed.
David
"MSDN" wrote: Are you using XP?
Under secure communication do you see Server Certificate... Button
You need to go through the wizard and install a certificate.
SA
"david" <da***@discussions.microsoft.com> wrote in message
news:9B**********************************@microsof t.com... Thank you for all of you.
I did go to the Internet Services Manager and did the following:
1. Click Directory Secure tab
2. Three three choices for me, but one is gray (disabled).
(1) Edit for Anonymous access and authentication control
(2) Edit for IP address and domain name ..
(3) Secure communications: disabled (gray)
In this case, it seems that I have enable Secure Communication first. How
to
do it?
Thanks
David
"MSDN" wrote:
The following from http://support.microsoft.com/?kbid=324069
Configuring Your Web Server for SSL
To enable SSL in IIS, you must first obtain a certificate that is used to
encrypt and decrypt the information that is transferred over the network.
IIS includes its own certificate request tool that you can use to send a
certificate request to a certification authority. This tool simplifies
the
process of obtaining a certificate. If you use Apache, you must obtain
the
certificate manually.
In both IIS and Apache, you receive a certificate file from the
certification authority, which you must configure on the computer. Apache
reads the certificate from its source file by using the
SSLCACertificateFile
directive. However, in IIS, you can configure and manage certificates by
using the Directory Security tab of the Web site or folder properties.
You can migrate certificates from Apache to IIS; however, Microsoft
recommends that you re-create or obtain a new certificate for IIS.
Configure Folder or Web Site to Use SSL/HTTPS
This procedure assumes that your site has already has a certificate
assigned
to it. 1. Log on to the Web server computer as an administrator.
2. Click Start, point to Settings, and then click Control Panel.
3. Double-click Administrative Tools, and then double click
Internet
Services Manager.
4. Select the Web site from the list of different served sites in
the
left pane.
5. Right-click the Web site, folder, or file for which you want to
configure SSL communication, and then click Properties.
6. Click the Directory Security tab.
7. Click Edit.
8. Click Require secure-channel (SSL) if you want the Web site,
folder, or file to require SSL communications.
9. Click Require 128-bit encryption to configure 128-bit (instead
of
40-bit) encryption support.
10. To allow users to connect without supplying their own
certificate,
click Ignore client certificates.
Alternatively, to allow a user to supply their own certificate, use
Accept client certificates.
11. To configure client mapping, click Enable client certificate
mapping, and then click Edit to map client certificates to users.
If you configure this functionality, you can map client
certificates
to individual users in Active Directory. You can use this functionality
to
automatically identify a user according to the certificate they supplied
when they access the Web site. You can map users to certificates on a
one-to-one basis (one certificate identifies one user) or you can map
many
certificates to one user (a list of certificates is matched against a
specific user according to specific rules. The first valid match becomes
the
mapping).
12. Click OK.
"david" <da***@discussions.microsoft.com> wrote in message
news:3C**********************************@microsof t.com...
>I have developed web forms including login by using ASP.NET via HTTP.
> Now I want to secure the connection from client to the server via
> HTTPS.
> How can I configure the server or something else to make the change?
>
> Thank you
>
> David
If you are using the Default Web site.
David, make sure that you click on the properties of the Default Web Site,
not the virtual directories beneath it.
if that does not work out then may be you need to install something with IIS
that is missing
???
SA
"david" <da***@discussions.microsoft.com> wrote in message
news:DA**********************************@microsof t.com... I use Windows Server 2000.
The server Certificate is grayed.
David
"MSDN" wrote:
Are you using XP?
Under secure communication do you see Server Certificate... Button
You need to go through the wizard and install a certificate.
SA
"david" <da***@discussions.microsoft.com> wrote in message
news:9B**********************************@microsof t.com... > Thank you for all of you.
>
> I did go to the Internet Services Manager and did the following:
> 1. Click Directory Secure tab
> 2. Three three choices for me, but one is gray (disabled).
> (1) Edit for Anonymous access and authentication control
> (2) Edit for IP address and domain name ..
> (3) Secure communications: disabled (gray)
>
> In this case, it seems that I have enable Secure Communication first.
> How
> to
> do it?
>
> Thanks
>
> David
>
> "MSDN" wrote:
>
>> The following from http://support.microsoft.com/?kbid=324069
>>
>> Configuring Your Web Server for SSL
>> To enable SSL in IIS, you must first obtain a certificate that is used
>> to
>> encrypt and decrypt the information that is transferred over the
>> network.
>> IIS includes its own certificate request tool that you can use to send
>> a
>> certificate request to a certification authority. This tool simplifies
>> the
>> process of obtaining a certificate. If you use Apache, you must obtain
>> the
>> certificate manually.
>>
>> In both IIS and Apache, you receive a certificate file from the
>> certification authority, which you must configure on the computer.
>> Apache
>> reads the certificate from its source file by using the
>> SSLCACertificateFile
>> directive. However, in IIS, you can configure and manage certificates
>> by
>> using the Directory Security tab of the Web site or folder properties.
>>
>> You can migrate certificates from Apache to IIS; however, Microsoft
>> recommends that you re-create or obtain a new certificate for IIS.
>>
>>
>>
>> Configure Folder or Web Site to Use SSL/HTTPS
>> This procedure assumes that your site has already has a certificate
>> assigned
>> to it. 1. Log on to the Web server computer as an administrator.
>> 2. Click Start, point to Settings, and then click Control Panel.
>> 3. Double-click Administrative Tools, and then double click
>> Internet
>> Services Manager.
>> 4. Select the Web site from the list of different served sites
>> in
>> the
>> left pane.
>> 5. Right-click the Web site, folder, or file for which you want
>> to
>> configure SSL communication, and then click Properties.
>> 6. Click the Directory Security tab.
>> 7. Click Edit.
>> 8. Click Require secure-channel (SSL) if you want the Web site,
>> folder, or file to require SSL communications.
>> 9. Click Require 128-bit encryption to configure 128-bit
>> (instead
>> of
>> 40-bit) encryption support.
>> 10. To allow users to connect without supplying their own
>> certificate,
>> click Ignore client certificates.
>>
>> Alternatively, to allow a user to supply their own certificate,
>> use
>> Accept client certificates.
>> 11. To configure client mapping, click Enable client certificate
>> mapping, and then click Edit to map client certificates to users.
>>
>> If you configure this functionality, you can map client
>> certificates
>> to individual users in Active Directory. You can use this
>> functionality
>> to
>> automatically identify a user according to the certificate they
>> supplied
>> when they access the Web site. You can map users to certificates on a
>> one-to-one basis (one certificate identifies one user) or you can map
>> many
>> certificates to one user (a list of certificates is matched against a
>> specific user according to specific rules. The first valid match
>> becomes
>> the
>> mapping).
>> 12. Click OK.
>>
>>
>>
>> "david" <da***@discussions.microsoft.com> wrote in message
>> news:3C**********************************@microsof t.com...
>> >I have developed web forms including login by using ASP.NET via HTTP.
>> > Now I want to secure the connection from client to the server via
>> > HTTPS.
>> > How can I configure the server or something else to make the change?
>> >
>> > Thank you
>> >
>> > David
>>
>>
>>
you need to buy a certificat and install it before ssl will work. you need
to buy from someone you users base has installed as a trusted site in their
browser. In ie under options->content->publishers->trusted root ... you will
see the list IE comes with (verisign is the big boy, but shop around). if
its an interal site you can run your own certificate server, but all your
users will have to install a verfication certificate from your server.
when you buy a certificate, its tied to the domain name of your web site and
can not be transfered. also your certificate will expire and needs to be
renewed (so check the renewal costs).
simple artical on installing: http://www.4guysfromrolla.com/webtech/062299-1.shtml
-- bruce (sqlwork.com)
"david" <da***@discussions.microsoft.com> wrote in message
news:F8**********************************@microsof t.com... I mean I need to enable Secure Communication first.
David
"david" wrote:
Thank you for all of you.
I did go to the Internet Services Manager and did the following:
1. Click Directory Secure tab
2. Three three choices for me, but one is gray (disabled).
(1) Edit for Anonymous access and authentication control
(2) Edit for IP address and domain name ..
(3) Secure communications: disabled (gray)
In this case, it seems that I have enable Secure Communication first. How
to
do it?
Thanks
David
"MSDN" wrote:
> The following from http://support.microsoft.com/?kbid=324069
>
> Configuring Your Web Server for SSL
> To enable SSL in IIS, you must first obtain a certificate that is used
> to
> encrypt and decrypt the information that is transferred over the
> network.
> IIS includes its own certificate request tool that you can use to send
> a
> certificate request to a certification authority. This tool simplifies
> the
> process of obtaining a certificate. If you use Apache, you must obtain
> the
> certificate manually.
>
> In both IIS and Apache, you receive a certificate file from the
> certification authority, which you must configure on the computer.
> Apache
> reads the certificate from its source file by using the
> SSLCACertificateFile
> directive. However, in IIS, you can configure and manage certificates
> by
> using the Directory Security tab of the Web site or folder properties.
>
> You can migrate certificates from Apache to IIS; however, Microsoft
> recommends that you re-create or obtain a new certificate for IIS.
>
>
>
> Configure Folder or Web Site to Use SSL/HTTPS
> This procedure assumes that your site has already has a certificate
> assigned
> to it. 1. Log on to the Web server computer as an administrator.
> 2. Click Start, point to Settings, and then click Control Panel.
> 3. Double-click Administrative Tools, and then double click
> Internet
> Services Manager.
> 4. Select the Web site from the list of different served sites in
> the
> left pane.
> 5. Right-click the Web site, folder, or file for which you want
> to
> configure SSL communication, and then click Properties.
> 6. Click the Directory Security tab.
> 7. Click Edit.
> 8. Click Require secure-channel (SSL) if you want the Web site,
> folder, or file to require SSL communications.
> 9. Click Require 128-bit encryption to configure 128-bit (instead
> of
> 40-bit) encryption support.
> 10. To allow users to connect without supplying their own
> certificate,
> click Ignore client certificates.
>
> Alternatively, to allow a user to supply their own certificate,
> use
> Accept client certificates.
> 11. To configure client mapping, click Enable client certificate
> mapping, and then click Edit to map client certificates to users.
>
> If you configure this functionality, you can map client
> certificates
> to individual users in Active Directory. You can use this functionality
> to
> automatically identify a user according to the certificate they
> supplied
> when they access the Web site. You can map users to certificates on a
> one-to-one basis (one certificate identifies one user) or you can map
> many
> certificates to one user (a list of certificates is matched against a
> specific user according to specific rules. The first valid match
> becomes the
> mapping).
> 12. Click OK.
>
>
>
> "david" <da***@discussions.microsoft.com> wrote in message
> news:3C**********************************@microsof t.com...
> >I have developed web forms including login by using ASP.NET via HTTP.
> > Now I want to secure the connection from client to the server via
> > HTTPS.
> > How can I configure the server or something else to make the change?
> >
> > Thank you
> >
> > David
>
>
>
My computer is windows server 2000 as an internal network server. So you mean
that I need a SSL certificate server installed on the machine. Then I can
configure IIS directory Security..
David
"bruce barker (sqlwork.com)" wrote: you need to buy a certificat and install it before ssl will work. you need
to buy from someone you users base has installed as a trusted site in their
browser. In ie under options->content->publishers->trusted root ... you will
see the list IE comes with (verisign is the big boy, but shop around). if
its an interal site you can run your own certificate server, but all your
users will have to install a verfication certificate from your server.
when you buy a certificate, its tied to the domain name of your web site and
can not be transfered. also your certificate will expire and needs to be
renewed (so check the renewal costs).
simple artical on installing:
http://www.4guysfromrolla.com/webtech/062299-1.shtml
-- bruce (sqlwork.com)
"david" <da***@discussions.microsoft.com> wrote in message
news:F8**********************************@microsof t.com...I mean I need to enable Secure Communication first.
David
"david" wrote:
Thank you for all of you.
I did go to the Internet Services Manager and did the following:
1. Click Directory Secure tab
2. Three three choices for me, but one is gray (disabled).
(1) Edit for Anonymous access and authentication control
(2) Edit for IP address and domain name ..
(3) Secure communications: disabled (gray)
In this case, it seems that I have enable Secure Communication first. How
to
do it?
Thanks
David
"MSDN" wrote:
> The following from http://support.microsoft.com/?kbid=324069
>
> Configuring Your Web Server for SSL
> To enable SSL in IIS, you must first obtain a certificate that is used
> to
> encrypt and decrypt the information that is transferred over the
> network.
> IIS includes its own certificate request tool that you can use to send
> a
> certificate request to a certification authority. This tool simplifies
> the
> process of obtaining a certificate. If you use Apache, you must obtain
> the
> certificate manually.
>
> In both IIS and Apache, you receive a certificate file from the
> certification authority, which you must configure on the computer.
> Apache
> reads the certificate from its source file by using the
> SSLCACertificateFile
> directive. However, in IIS, you can configure and manage certificates
> by
> using the Directory Security tab of the Web site or folder properties.
>
> You can migrate certificates from Apache to IIS; however, Microsoft
> recommends that you re-create or obtain a new certificate for IIS.
>
>
>
> Configure Folder or Web Site to Use SSL/HTTPS
> This procedure assumes that your site has already has a certificate
> assigned
> to it. 1. Log on to the Web server computer as an administrator.
> 2. Click Start, point to Settings, and then click Control Panel.
> 3. Double-click Administrative Tools, and then double click
> Internet
> Services Manager.
> 4. Select the Web site from the list of different served sites in
> the
> left pane.
> 5. Right-click the Web site, folder, or file for which you want
> to
> configure SSL communication, and then click Properties.
> 6. Click the Directory Security tab.
> 7. Click Edit.
> 8. Click Require secure-channel (SSL) if you want the Web site,
> folder, or file to require SSL communications.
> 9. Click Require 128-bit encryption to configure 128-bit (instead
> of
> 40-bit) encryption support.
> 10. To allow users to connect without supplying their own
> certificate,
> click Ignore client certificates.
>
> Alternatively, to allow a user to supply their own certificate,
> use
> Accept client certificates.
> 11. To configure client mapping, click Enable client certificate
> mapping, and then click Edit to map client certificates to users.
>
> If you configure this functionality, you can map client
> certificates
> to individual users in Active Directory. You can use this functionality
> to
> automatically identify a user according to the certificate they
> supplied
> when they access the Web site. You can map users to certificates on a
> one-to-one basis (one certificate identifies one user) or you can map
> many
> certificates to one user (a list of certificates is matched against a
> specific user according to specific rules. The first valid match
> becomes the
> mapping).
> 12. Click OK.
>
>
>
> "david" <da***@discussions.microsoft.com> wrote in message
> news:3C**********************************@microsof t.com...
> >I have developed web forms including login by using ASP.NET via HTTP.
> > Now I want to secure the connection from client to the server via
> > HTTPS.
> > How can I configure the server or something else to make the change?
> >
> > Thank you
> >
> > David
>
>
>
I think that something is missing with IIS.
David
"MSDN" wrote: If you are using the Default Web site.
David, make sure that you click on the properties of the Default Web Site,
not the virtual directories beneath it.
if that does not work out then may be you need to install something with IIS
that is missing
???
SA
"david" <da***@discussions.microsoft.com> wrote in message
news:DA**********************************@microsof t.com...I use Windows Server 2000.
The server Certificate is grayed.
David
"MSDN" wrote:
Are you using XP?
Under secure communication do you see Server Certificate... Button
You need to go through the wizard and install a certificate.
SA
"david" <da***@discussions.microsoft.com> wrote in message
news:9B**********************************@microsof t.com...
> Thank you for all of you.
>
> I did go to the Internet Services Manager and did the following:
> 1. Click Directory Secure tab
> 2. Three three choices for me, but one is gray (disabled).
> (1) Edit for Anonymous access and authentication control
> (2) Edit for IP address and domain name ..
> (3) Secure communications: disabled (gray)
>
> In this case, it seems that I have enable Secure Communication first.
> How
> to
> do it?
>
> Thanks
>
> David
>
> "MSDN" wrote:
>
>> The following from http://support.microsoft.com/?kbid=324069
>>
>> Configuring Your Web Server for SSL
>> To enable SSL in IIS, you must first obtain a certificate that is used
>> to
>> encrypt and decrypt the information that is transferred over the
>> network.
>> IIS includes its own certificate request tool that you can use to send
>> a
>> certificate request to a certification authority. This tool simplifies
>> the
>> process of obtaining a certificate. If you use Apache, you must obtain
>> the
>> certificate manually.
>>
>> In both IIS and Apache, you receive a certificate file from the
>> certification authority, which you must configure on the computer.
>> Apache
>> reads the certificate from its source file by using the
>> SSLCACertificateFile
>> directive. However, in IIS, you can configure and manage certificates
>> by
>> using the Directory Security tab of the Web site or folder properties.
>>
>> You can migrate certificates from Apache to IIS; however, Microsoft
>> recommends that you re-create or obtain a new certificate for IIS.
>>
>>
>>
>> Configure Folder or Web Site to Use SSL/HTTPS
>> This procedure assumes that your site has already has a certificate
>> assigned
>> to it. 1. Log on to the Web server computer as an administrator.
>> 2. Click Start, point to Settings, and then click Control Panel.
>> 3. Double-click Administrative Tools, and then double click
>> Internet
>> Services Manager.
>> 4. Select the Web site from the list of different served sites
>> in
>> the
>> left pane.
>> 5. Right-click the Web site, folder, or file for which you want
>> to
>> configure SSL communication, and then click Properties.
>> 6. Click the Directory Security tab.
>> 7. Click Edit.
>> 8. Click Require secure-channel (SSL) if you want the Web site,
>> folder, or file to require SSL communications.
>> 9. Click Require 128-bit encryption to configure 128-bit
>> (instead
>> of
>> 40-bit) encryption support.
>> 10. To allow users to connect without supplying their own
>> certificate,
>> click Ignore client certificates.
>>
>> Alternatively, to allow a user to supply their own certificate,
>> use
>> Accept client certificates.
>> 11. To configure client mapping, click Enable client certificate
>> mapping, and then click Edit to map client certificates to users.
>>
>> If you configure this functionality, you can map client
>> certificates
>> to individual users in Active Directory. You can use this
>> functionality
>> to
>> automatically identify a user according to the certificate they
>> supplied
>> when they access the Web site. You can map users to certificates on a
>> one-to-one basis (one certificate identifies one user) or you can map
>> many
>> certificates to one user (a list of certificates is matched against a
>> specific user according to specific rules. The first valid match
>> becomes
>> the
>> mapping).
>> 12. Click OK.
>>
>>
>>
>> "david" <da***@discussions.microsoft.com> wrote in message
>> news:3C**********************************@microsof t.com...
>> >I have developed web forms including login by using ASP.NET via HTTP.
>> > Now I want to secure the connection from client to the server via
>> > HTTPS.
>> > How can I configure the server or something else to make the change?
>> >
>> > Thank you
>> >
>> > David
>>
>>
>>
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: NotGiven |
last post by:
I need to verify if the page that led the user to this page used http or
httpS.
for example, if the use cam to my page from:
httpS://www.dm.com/sample/foo.php
I want to know as opposed to...
|
by: Bob Hansen |
last post by:
I am using the following code in my default.asp page to redirect the page
from HTTP to HTTPS
<%
if Request.ServerVariables("HTTPS") = "off" Then
Response.Redirect("https://" &...
|
by: Astra |
last post by:
Hi All
I've noticed on quite a few ASP sites that when they have a 'MyAccount'
section they transfer the site to https and then when you have logged into
your account successfully and gone back...
|
by: McKirahan |
last post by:
I have an ASP site, an SSL certificate, and an {Order page}.
I want to use "https" for the {Order page} and "http" for all others.
Each page "includes" a common ".asp" file which detects the...
|
by: Grunff |
last post by:
I'm experiencing an interesting problem with carrying a php session over
from http to https. Much googling later, I'm still stuck.
The application is an online shop, where some user data is...
|
by: E |
last post by:
I have a https login page with C# code FormsAuthentication. After logging
in, my https pages recognize that I'm logged in. My http pages do not. It's
as if it's considering these pages under a...
|
by: bkasmai |
last post by:
My asp.net application (developed using vs2003) runs fine on a windows
2000 server using iis 5.0. Our network manager wants to do away with
any http connections and only use https for services that...
|
by: Manuel Ricca |
last post by:
Hi all,
I need to protect a "members" area in my site for which I want to
require forms authentication and allow only a specific role. This
subdirectory must be accessible through SSL only....
|
by: brian.freyle |
last post by:
Hi, i'm trying to configure a wcf service with https, but when I
generate the wsdl , it contains the schemaLocation pointing to the
service with the local name instead of the DNS (https://...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
| |
