Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 901
  • Last Modified:

SSL for dummies

I need to develop an VS2003 ASP.net - VB web application that uses SSL. This new application will be started from an existing application written in ????? that already uses SSL.

I am a newbie with SSL and not really sure where to begin, but I need to get up to speed quickly on this.  I am very familiar with vb.net & ASP and programming languages.  If need be, I can upgrade top VS2005

Help?
0
robertjmackay
Asked:
robertjmackay
  • 5
  • 3
  • 2
  • +1
2 Solutions
 
b_levittCommented:
SSL is on the protocol level.  You don't need to do anything from a programming sense to your application to support it.  
0
 
robertjmackayAuthor Commented:
so how does my program know to use SSL or not?
0
 
Stacy SpearCommented:
By the port used.
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
WeiXiCommented:
In general, as b_levitt already pointed out, your program doesn't have to know about SSL at all.

The user connects to your web server (I suppose it's IIS), then the IIS calls your program which, in turn, returns some output. The SSL part is between the use and the IIS, not between the IIS and your program.

Thus, you have to configure the IIS to use SSL, not your program.
0
 
robertjmackayAuthor Commented:
I think I just got it.  I specify SSL or not when I add my application to the web server?

OK, The existing site uses SSL ... and I am assuming that using SSL requires a certificate (like I said - bit ignorant on all this stuff)  Will I need another certificate?
0
 
WeiXiCommented:
> I specify SSL or not when I add my application to the web server?
Yes.

> Will I need another certificate?
Technically speaking, no. That depends on whether the data of the current certificate (owner, domain, etc.) is suitable for the new application.
0
 
robertjmackayAuthor Commented:
And how do I find out if it is or is not?  LOL keep in mind, this is all new to me
0
 
Stacy SpearCommented:
A valid current cert is all that is needed. Connect to the webserver via https and examine the certificate.
0
 
robertjmackayAuthor Commented:
When I log on to the existing application and look at the security report.  A window pops up.  So if I am assuming correctly, providing my application resides on that domain, SSL will be in effect?

Verisign Class 3 Public Primary CA
has identified this site as
appserv.domain.ca
This connection to the server is encrypted

0
 
WeiXiCommented:
> So if I am assuming correctly, providing my application resides
> on that domain, SSL will be in effect?

The way I understand your setting and question: yes.

However, a "domain" can host multiple web-applications, SSL and non-SSL at the same time. Again, this has nothing to do with your application, but with the way the IIS (or other web server) is set up.

If you plug your application into the web server in the same way as the current application is, then you will be fine. You will be using the same SSL-configuration and SSL-certificate as the current application.
0
 
robertjmackayAuthor Commented:
I split the 500 points .. .basically 100 points for each response .. .excellent
thanks a bunch
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now