SSL for Single Page in ASP.net website

I have a asp.net website and i want to install SSL(https://) on it but only for one page (i.e)Login.aspx.
Can any one tell me how do i do that?Actually i can get it done for the whole web site but i read that it drastically degrades the website performance.Can any one tell me how that is done?or any url where it step by step specifies to accomplish this.
Thanks,
aspnetdevAsked:
Who is Participating?
 
ParanormasticConnect With a Mentor Cryptographic EngineerCommented:
Generically, you set up the cert for the entire site - this in itself does not degrade performance.  If you force usage of it then that's a different story...  The slow down is directly related to the encrypting process itself when the page gets loaded and it needs to be encrypted, not because it happens to be avaialble.

For your logon page you will want to force usage, and check the sub-box for forcing 128 bit.  You can do that in the properties of that page after the cert is installed.

I agree with the previous posting - if you set up a new site for secured transactions (e.g. http://www.domain.com links to https://secure.domain.com) then you can enable SSL for the entire site, reducing mistakes in the long run, which leaving your primary site alone so you don't have to mess with it.
0
 
CyrexCore2kCommented:
So are you asking how to install SSL or how to get Login.aspx to be the only page that uses it?

Personally I recommend creating an entirely different site to manage any secure transactions. Logging in, user profiles, credit cards, whatever and then redirecting back to the respective site that called it. If you set up your authentication site to work like a passport site it will benefit you in the future in that you'll be able to have multiple sites use the same location to log in.
0
 
Loganathan NatarajanLAMP DeveloperCommented:
0
 
aspnetdevAuthor Commented:
Hi,
Thanks for the quick replies,CyrexCore2k you are right i want to get Login.aspx to be the only page that uses it?Also,creating a new site is not a feasible solution for me...actually my website has Forms Based authentications and currently the site is http:// and passwords are travelling unencrypted.So i wanted just the Login.aspx page to use the https://.Please let me know your thoughts.
Thanks,
0
 
ParanormasticCryptographic EngineerCommented:
you can go into the properties of just that page and directory security tab and enable it there.  also, just having the cert installed allows SSL to be used, but go into the properties to force it for that page, and for 128 bit as well.

just having it installed for the whole site doesn't mean its going to be used for the whole site as long as you only force it for that one page.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.