Solved

http website planning to have https

Posted on 2008-10-31
8
223 Views
Last Modified: 2012-08-13
Hi experts!
I have a server 2008 ent edition, users work through TS web access (it has some microsoft access database files) , and the website address starts like 'http://myservername.mydomainname.com'. Internally both http and https work as they have been configured in iis. Since it has database I would like to have some security.  Please guide how and where can I buy to be automatically changed from http to https.  I have about 50 users logging onto this site on different times.
Help plz
0
Comment
Question by:amanzoor
  • 4
  • 4
8 Comments
 
LVL 10

Expert Comment

by:ChopperCentury
ID: 22854010
Create a new file in the root of you web directory called sslredirect.htm
Edit the file and paste in the following, then save:
<html>

<script language="JavaScript">
<!-- begin hide

function goElseWhere()
{
var oldURL = window.location.hostname + window.location.pathname + window.location.search;
var newURL = "https://" + oldURL;
window.location = newURL;
}
goElseWhere();

// end hide -->
</script>

</html>

Next go to the Properties of your website in IIS, under Custom Errors tab. Edit 403;3 and set the file destination to that of the new file you just created.
Finally, under Directory Security, Secure Communication, edit the option to Require SSL.

THIS PROCESS IS TESTED FROM WINDOWS 2003! Should still work with 2008, IIS just may be arranged a little differently.

0
 
LVL 10

Expert Comment

by:ChopperCentury
ID: 22854022
Woops (sorry typo)...edit 403;4
0
 
LVL 4

Author Comment

by:amanzoor
ID: 22855498
ChopperCentury:
Thanks for the reply.  Tell me please:
I have not asked my ISP to mapp https instead of http, Do I have not to buy any https certificates for this? and also how would the DNS resolve to https if I simply make a change in my IIS? i.e a person logging in to my existing URL 'http://servername.mydomainname.com' would first come to my server gets changed to https and goes back?.  Sorry I just want to clarify myself I am weak in this area.
Help plz
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 10

Expert Comment

by:ChopperCentury
ID: 22855926
If I misread the question please let me know....
Is IIS working internally now with http and https?
Is only internal use allowed?
If yes to both then what I gave you will do the trick.
You only need to worry with a cert if accepting external traffic. However, you can use Windows Server to create a self signing cert for free if you simply want to get rid of the security warning message. Here is a site to help you accomplish this in Server '08...
http://www.netometer.com/video/tutorials/server-2008-self-signed-certtificate/
As far as DNS, you are already good to go. http and https are ports 80 and 443 respectively, that can rid on the same IP address.
0
 
LVL 4

Author Comment

by:amanzoor
ID: 22862174
ChopperCentury:
Thanks
Yes I want to accept the eternal traffic.  Yes the internal https is enabled in IIS.  Yes I want to generate a self signed certificate.  THe link you sent is an excellent source, too bad it worked only once.  How and where can I find this 'selfssl.exe' command on server 2008?
Basically now I have a rough image of what I need to do in order for my clients to visit through https.
Help
0
 
LVL 4

Author Comment

by:amanzoor
ID: 22864292
Is it possible to get the full command again for 'selfssl.exe' as shown in that slide show?  It will help me issue the certificate for the exact URL I want to?
Thanks
0
 
LVL 10

Accepted Solution

by:
ChopperCentury earned 500 total points
ID: 22864477
From a command prompt you can type:
selfssl /?
This will give you the command options. Also, selfssl.exe is a product from the IIS6 resource kit.
http://support.microsoft.com/kb/840671
The link I gave is the only I could find relating to a step-by-step guide thru IIS7. I have not personally used Windows 2008. The actual selfssl command will work the same as with IIS6. Following are the defualt options if you simply type selfssl and press enter and Y to confirm.
/N:CN=<YOUR COMPUTER NAME> (common name of the certificate)
/K:1024 (key length of the certificate)
/V:7 (validity of the certificate in days)
/S:1 (ID of the site to which the certificate needs to be installed)
/P:443 (SSL port)
Options that you might want to change from the default settings would be the validity days, site ID (if not installing to Default Website), and comman name (if different from the computer name).
0
 
LVL 4

Author Closing Comment

by:amanzoor
ID: 31512177
Thanks I really appreciate your upto the point advice, regards.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question