Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 646
  • Last Modified:

ISS SSL Configuraiton

Hi,

I wanna enable SSL within a site for just a form submitting. Think like my domain is "www.xxx.com " while surfing this site
SSL is not enabled but within a site when i submit a form i want to enable SSL is that possible ??

Regards,
0
pazwant
Asked:
pazwant
  • 3
  • 2
1 Solution
 
SvenTech Lead Web-DevelopmentCommented:
You have to get a ssl certificate by your web hoster (if it is part of your contract) or by a organization like VeriSign. The details of how to request and receive a ssl certificate a printed on the websites of these organizations like here:
http://www.verisign.com/support/ssl-certificates-support/install-ssl-certificate.html

You need to enable port 43 for your website. I do not think you can restrict ssl per page, so a call of https:// from a user via browser is allways served by ssl. You could only redirect per script to non-ssl script.
0
 
pazwantAuthor Commented:
I mean , is it possible to open a page with http://www.xxx.com/index.htm and then shift to
https://www.xxx.com/login.htm . During this changing do the users get any message from browser
except accepting SSL certificate ?
0
 
SvenTech Lead Web-DevelopmentCommented:
Normally there is not even a message that they are changing to ssl, if the certificate is valid. To submit a form per ssl you only need to add the absolute url with domain and https:// to the action of form:

<form action="https://www.xxx.com/login.htm" method="POST" name="LoginForm">

Open in new window

0
 
pazwantAuthor Commented:
Oki but what about if the user call https://www.xxx.com , i just want SSL certificate valid for login.htm. Is that possible on IIS just giving a directory for SSL enabled?
0
 
SvenTech Lead Web-DevelopmentCommented:
The only way I can think of, is to create a virtual directory within your web applications root. For this virtual directory you can define a ssl certificate but you should NOT define the virtual directory as own application because then you could definitly not share session across the web root and the virtual directory. Put the login script within this virtual directory and try it out!

I never tried that myself. I do not know if session state is really shared within root and virtual directory. Also I do not know if the SSL certificate is working within the directory. But it's worth a try I think.
0

Featured Post

Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now