?
Solved

http website planning to have https

Posted on 2008-10-31
8
Medium Priority
?
233 Views
Last Modified: 2012-08-13
Hi experts!
I have a server 2008 ent edition, users work through TS web access (it has some microsoft access database files) , and the website address starts like 'http://myservername.mydomainname.com'. Internally both http and https work as they have been configured in iis. Since it has database I would like to have some security.  Please guide how and where can I buy to be automatically changed from http to https.  I have about 50 users logging onto this site on different times.
Help plz
0
Comment
Question by:amanzoor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 10

Expert Comment

by:ChopperCentury
ID: 22854010
Create a new file in the root of you web directory called sslredirect.htm
Edit the file and paste in the following, then save:
<html>

<script language="JavaScript">
<!-- begin hide

function goElseWhere()
{
var oldURL = window.location.hostname + window.location.pathname + window.location.search;
var newURL = "https://" + oldURL;
window.location = newURL;
}
goElseWhere();

// end hide -->
</script>

</html>

Next go to the Properties of your website in IIS, under Custom Errors tab. Edit 403;3 and set the file destination to that of the new file you just created.
Finally, under Directory Security, Secure Communication, edit the option to Require SSL.

THIS PROCESS IS TESTED FROM WINDOWS 2003! Should still work with 2008, IIS just may be arranged a little differently.

0
 
LVL 10

Expert Comment

by:ChopperCentury
ID: 22854022
Woops (sorry typo)...edit 403;4
0
 
LVL 4

Author Comment

by:amanzoor
ID: 22855498
ChopperCentury:
Thanks for the reply.  Tell me please:
I have not asked my ISP to mapp https instead of http, Do I have not to buy any https certificates for this? and also how would the DNS resolve to https if I simply make a change in my IIS? i.e a person logging in to my existing URL 'http://servername.mydomainname.com' would first come to my server gets changed to https and goes back?.  Sorry I just want to clarify myself I am weak in this area.
Help plz
0
10 Questions to Ask when Buying Backup Software

Choosing the right backup solution for your organization can be a daunting task. To make the selection process easier, ask solution providers these 10 key questions.

 
LVL 10

Expert Comment

by:ChopperCentury
ID: 22855926
If I misread the question please let me know....
Is IIS working internally now with http and https?
Is only internal use allowed?
If yes to both then what I gave you will do the trick.
You only need to worry with a cert if accepting external traffic. However, you can use Windows Server to create a self signing cert for free if you simply want to get rid of the security warning message. Here is a site to help you accomplish this in Server '08...
http://www.netometer.com/video/tutorials/server-2008-self-signed-certtificate/
As far as DNS, you are already good to go. http and https are ports 80 and 443 respectively, that can rid on the same IP address.
0
 
LVL 4

Author Comment

by:amanzoor
ID: 22862174
ChopperCentury:
Thanks
Yes I want to accept the eternal traffic.  Yes the internal https is enabled in IIS.  Yes I want to generate a self signed certificate.  THe link you sent is an excellent source, too bad it worked only once.  How and where can I find this 'selfssl.exe' command on server 2008?
Basically now I have a rough image of what I need to do in order for my clients to visit through https.
Help
0
 
LVL 4

Author Comment

by:amanzoor
ID: 22864292
Is it possible to get the full command again for 'selfssl.exe' as shown in that slide show?  It will help me issue the certificate for the exact URL I want to?
Thanks
0
 
LVL 10

Accepted Solution

by:
ChopperCentury earned 2000 total points
ID: 22864477
From a command prompt you can type:
selfssl /?
This will give you the command options. Also, selfssl.exe is a product from the IIS6 resource kit.
http://support.microsoft.com/kb/840671
The link I gave is the only I could find relating to a step-by-step guide thru IIS7. I have not personally used Windows 2008. The actual selfssl command will work the same as with IIS6. Following are the defualt options if you simply type selfssl and press enter and Y to confirm.
/N:CN=<YOUR COMPUTER NAME> (common name of the certificate)
/K:1024 (key length of the certificate)
/V:7 (validity of the certificate in days)
/S:1 (ID of the site to which the certificate needs to be installed)
/P:443 (SSL port)
Options that you might want to change from the default settings would be the validity days, site ID (if not installing to Default Website), and comman name (if different from the computer name).
0
 
LVL 4

Author Closing Comment

by:amanzoor
ID: 31512177
Thanks I really appreciate your upto the point advice, regards.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A safe way to clean winsxs folder from your windows server 2008 R2 editions
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question