Secure pages with SSL/https using ASP.NET.

Posted on 2005-05-15
Last Modified: 2013-11-29
I have an application on Windows/ IIS server, hosted by a ISP.

My question is how do I identify the pages that I want to make https?
Should I stick all those pages in one folder?

If SSL is activated for an entire website, what is the normal method for
identifying the pages you want secure?  I would think putting them in one folder
would make sense, but does anyone have experience on how it is actually done?
Question by:MikeMCSD
    LVL 26

    Expert Comment

    what kind of website is this .. the pages you would like to be made secure would be the ones with data that you will surely not like anyone to have a look into . .like financial data, personal data etc .. but it really depends on the functionality you are implementing and the kind tha data been procesed by ur application ...
    SSL can be configured for a single page too .. so there is not really a need for you to add all of ur pages requiring ssl to be in a single directory ...
    use the IIS console to configure the pages for ssl .. as u have hosted this application with an ISP, am sure they have the expertise to do it and you can just make a request and provide them with the list of pages .. but note, to enable SSL, you will require a server certificate .. read more about it on MSDN .. you will have to purchase it from a certifacate authoruty like verisign .. you will get lots of details about SSL in their site .. you will also have to ask for details from you ISP about whether they already have a server certificate installed on their server ... and whether your appplication is the only application on that server (which is highly unlikely) and whether you can use the existing ceritficate (if present)
    LVL 26

    Expert Comment

    have a look here on how to configure ur server for SSL and how to obtain the server certificate for the same ..

    Obtaining a Server Certificate
    LVL 26

    Expert Comment

    details about SSL and how to go about using it ...(from the verisign website)
    LVL 26

    Expert Comment

    If the list of users of ur web site is known, i.e. it is a B2B site, then you could think of creating your own server certificate (using the certifiate server provided by microsoft), but then u will have to ask all of ur users to install the a "CA certificate" in their browser and u will have to provide a link to it (for download) ... to view all the exiting CA certicates in ur browser,  open IE .. menu .... Tools->internet option->Content tab .. Certificates button .. it will open a new window .. select the tab "Trusted Root Certifiation Authorities" ..

    have a look here for more explanation ... (wait for the page to load .. I think there is advertisement at the start and then the actual page loads)
    LVL 16

    Author Comment

    thanks Rejojohny  .  .  .
    This is an E-commerce site and is being hosted by
    I won't be configuring the server . . . the ISP has to do that.
    At this point, I just need to know if I should put all the files that need to be secure
    in one folder . . .  will this make things easier later?  . . . or does it really matter or not.

    About verisign  . . . I have a question about it if you want to take a look:
    LVL 26

    Accepted Solution

    >>At this point, I just need to know if I should put all the files that need to be secure
    in one folder . . .  will this make things easier later?
    it will definetly makes things easier for management .. but no advantage in processing or speed or anything like that ...

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Join & Write a Comment

    Just a quick little trick I learned recently.  Now that I'm using jQuery with abandon in my applications, I have grown tired of the following syntax:      (CODE) I suppose it just offends my sense of decency to put inline VBScript on a…
    I recently went through the process of creating a Calendar Control of events with the basis of using a database to keep track of the dates that are selectable, one requirement was to have the selected date pop-up in a simple lightbox.  At first this…
    Viewers will get an overview of the benefits and risks of using Bitcoin to accept payments. What Bitcoin is: Legality: Risks: Benefits: Which businesses are best suited?: Other things you should know: How to get started:
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

    731 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now