By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
448,819 Members | 1,617 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 448,819 IT Pros & Developers. It's quick & easy.

Enable SSL in Web.config?

P: 56

I have changed my ASP.NET from version 4.0 to 4.6.1 in Visual Studio 2017. Also in Visual Studio 2017, I have enabled SSL through my project's Properties panel.

I have noticed, however, that in my project's Web.config file, it says:

Expand|Select|Wrap|Line Numbers
  1. <security requireSsl="false"
Should I now change this to "true"?

Thank you.
Apr 30 '19 #1
Share this Question
Share on Google+
4 Replies

Expert 100+
P: 1,039
Its in the docs:
true if SSL is required to return the forms-authentication cookie to the server; otherwise, false. The default is false.

If you need to change this depends on what exactly you are doing. But if you start testing than you should find out if this settings need to be changed.
Apr 30 '19 #2

P: 56
Many thanks for your reply, Luuk.

The project is part of Microsoft's Membership Identity and will need to take https and not http, but no important personal details, such as bank details, are required in any form transactions.

I will see how it goes then!

May 1 '19 #3

P: 56
Sorry for the delay in replying.

Basically, users register, and a link is sent to their email for email confirmation. The user's details are stored in a SQL database and their password hashed.

The site will allow for students to upload their work to their university lecturer. No money at all is involved.

So, if my understanding is correct, I should opt for 'enabled'?

Thanks again
Jun 10 '19 #4

Expert 100+
P: 1,039
You should test both options, and choose the one that fits your needs. I am also not an expert in this (unfortunatly)
Jun 10 '19 #5

Post your reply

Sign in to post your reply or Sign up for a free account.