By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,969 Members | 1,522 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,969 IT Pros & Developers. It's quick & easy.

Enable SSL in Web.config?

P: 56

I have changed my ASP.NET from version 4.0 to 4.6.1 in Visual Studio 2017. Also in Visual Studio 2017, I have enabled SSL through my project's Properties panel.

I have noticed, however, that in my project's Web.config file, it says:

Expand|Select|Wrap|Line Numbers
  1. <security requireSsl="false"
Should I now change this to "true"?

Thank you.
Apr 30 '19 #1
Share this Question
Share on Google+
4 Replies

Expert 100+
P: 1,031
Its in the docs:
true if SSL is required to return the forms-authentication cookie to the server; otherwise, false. The default is false.

If you need to change this depends on what exactly you are doing. But if you start testing than you should find out if this settings need to be changed.
Apr 30 '19 #2

P: 56
Many thanks for your reply, Luuk.

The project is part of Microsoft's Membership Identity and will need to take https and not http, but no important personal details, such as bank details, are required in any form transactions.

I will see how it goes then!

May 1 '19 #3

P: 56
Sorry for the delay in replying.

Basically, users register, and a link is sent to their email for email confirmation. The user's details are stored in a SQL database and their password hashed.

The site will allow for students to upload their work to their university lecturer. No money at all is involved.

So, if my understanding is correct, I should opt for 'enabled'?

Thanks again
1 Week Ago #4

Expert 100+
P: 1,031
You should test both options, and choose the one that fits your needs. I am also not an expert in this (unfortunatly)
1 Week Ago #5

Post your reply

Sign in to post your reply or Sign up for a free account.