Solved

http website planning to have https

Posted on 2008-10-31
8
214 Views
Last Modified: 2012-08-13
Hi experts!
I have a server 2008 ent edition, users work through TS web access (it has some microsoft access database files) , and the website address starts like 'http://myservername.mydomainname.com'. Internally both http and https work as they have been configured in iis. Since it has database I would like to have some security.  Please guide how and where can I buy to be automatically changed from http to https.  I have about 50 users logging onto this site on different times.
Help plz
0
Comment
Question by:amanzoor
  • 4
  • 4
8 Comments
 
LVL 10

Expert Comment

by:ChopperCentury
ID: 22854010
Create a new file in the root of you web directory called sslredirect.htm
Edit the file and paste in the following, then save:
<html>

<script language="JavaScript">
<!-- begin hide

function goElseWhere()
{
var oldURL = window.location.hostname + window.location.pathname + window.location.search;
var newURL = "https://" + oldURL;
window.location = newURL;
}
goElseWhere();

// end hide -->
</script>

</html>

Next go to the Properties of your website in IIS, under Custom Errors tab. Edit 403;3 and set the file destination to that of the new file you just created.
Finally, under Directory Security, Secure Communication, edit the option to Require SSL.

THIS PROCESS IS TESTED FROM WINDOWS 2003! Should still work with 2008, IIS just may be arranged a little differently.

0
 
LVL 10

Expert Comment

by:ChopperCentury
ID: 22854022
Woops (sorry typo)...edit 403;4
0
 
LVL 4

Author Comment

by:amanzoor
ID: 22855498
ChopperCentury:
Thanks for the reply.  Tell me please:
I have not asked my ISP to mapp https instead of http, Do I have not to buy any https certificates for this? and also how would the DNS resolve to https if I simply make a change in my IIS? i.e a person logging in to my existing URL 'http://servername.mydomainname.com' would first come to my server gets changed to https and goes back?.  Sorry I just want to clarify myself I am weak in this area.
Help plz
0
 
LVL 10

Expert Comment

by:ChopperCentury
ID: 22855926
If I misread the question please let me know....
Is IIS working internally now with http and https?
Is only internal use allowed?
If yes to both then what I gave you will do the trick.
You only need to worry with a cert if accepting external traffic. However, you can use Windows Server to create a self signing cert for free if you simply want to get rid of the security warning message. Here is a site to help you accomplish this in Server '08...
http://www.netometer.com/video/tutorials/server-2008-self-signed-certtificate/
As far as DNS, you are already good to go. http and https are ports 80 and 443 respectively, that can rid on the same IP address.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 4

Author Comment

by:amanzoor
ID: 22862174
ChopperCentury:
Thanks
Yes I want to accept the eternal traffic.  Yes the internal https is enabled in IIS.  Yes I want to generate a self signed certificate.  THe link you sent is an excellent source, too bad it worked only once.  How and where can I find this 'selfssl.exe' command on server 2008?
Basically now I have a rough image of what I need to do in order for my clients to visit through https.
Help
0
 
LVL 4

Author Comment

by:amanzoor
ID: 22864292
Is it possible to get the full command again for 'selfssl.exe' as shown in that slide show?  It will help me issue the certificate for the exact URL I want to?
Thanks
0
 
LVL 10

Accepted Solution

by:
ChopperCentury earned 500 total points
ID: 22864477
From a command prompt you can type:
selfssl /?
This will give you the command options. Also, selfssl.exe is a product from the IIS6 resource kit.
http://support.microsoft.com/kb/840671
The link I gave is the only I could find relating to a step-by-step guide thru IIS7. I have not personally used Windows 2008. The actual selfssl command will work the same as with IIS6. Following are the defualt options if you simply type selfssl and press enter and Y to confirm.
/N:CN=<YOUR COMPUTER NAME> (common name of the certificate)
/K:1024 (key length of the certificate)
/V:7 (validity of the certificate in days)
/S:1 (ID of the site to which the certificate needs to be installed)
/P:443 (SSL port)
Options that you might want to change from the default settings would be the validity days, site ID (if not installing to Default Website), and comman name (if different from the computer name).
0
 
LVL 4

Author Closing Comment

by:amanzoor
ID: 31512177
Thanks I really appreciate your upto the point advice, regards.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now