Secure pages with SSL/https using ASP.NET.

I have an application on Windows/ IIS server, hosted by a ISP.

My question is how do I identify the pages that I want to make https?
Should I stick all those pages in one folder?

If SSL is activated for an entire website, what is the normal method for
identifying the pages you want secure?  I would think putting them in one folder
would make sense, but does anyone have experience on how it is actually done?
LVL 16
Who is Participating?
>>At this point, I just need to know if I should put all the files that need to be secure
in one folder . . .  will this make things easier later?
it will definetly makes things easier for management .. but no advantage in processing or speed or anything like that ...
what kind of website is this .. the pages you would like to be made secure would be the ones with data that you will surely not like anyone to have a look into . .like financial data, personal data etc .. but it really depends on the functionality you are implementing and the kind tha data been procesed by ur application ...
SSL can be configured for a single page too .. so there is not really a need for you to add all of ur pages requiring ssl to be in a single directory ...
use the IIS console to configure the pages for ssl .. as u have hosted this application with an ISP, am sure they have the expertise to do it and you can just make a request and provide them with the list of pages .. but note, to enable SSL, you will require a server certificate .. read more about it on MSDN .. you will have to purchase it from a certifacate authoruty like verisign .. you will get lots of details about SSL in their site .. you will also have to ask for details from you ISP about whether they already have a server certificate installed on their server ... and whether your appplication is the only application on that server (which is highly unlikely) and whether you can use the existing ceritficate (if present)
have a look here on how to configure ur server for SSL and how to obtain the server certificate for the same ..

Obtaining a Server Certificate
Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

details about SSL and how to go about using it ...(from the verisign website)
If the list of users of ur web site is known, i.e. it is a B2B site, then you could think of creating your own server certificate (using the certifiate server provided by microsoft), but then u will have to ask all of ur users to install the a "CA certificate" in their browser and u will have to provide a link to it (for download) ... to view all the exiting CA certicates in ur browser,  open IE .. menu .... Tools->internet option->Content tab .. Certificates button .. it will open a new window .. select the tab "Trusted Root Certifiation Authorities" ..

have a look here for more explanation ... (wait for the page to load .. I think there is advertisement at the start and then the actual page loads)
MikeMCSDAuthor Commented:
thanks Rejojohny  .  .  .
This is an E-commerce site and is being hosted by
I won't be configuring the server . . . the ISP has to do that.
At this point, I just need to know if I should put all the files that need to be secure
in one folder . . .  will this make things easier later?  . . . or does it really matter or not.

About verisign  . . . I have a question about it if you want to take a look:
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.