Solved

SSL for dummies

Posted on 2009-04-02
11
882 Views
Last Modified: 2012-06-27
I need to develop an VS2003 ASP.net - VB web application that uses SSL. This new application will be started from an existing application written in ????? that already uses SSL.

I am a newbie with SSL and not really sure where to begin, but I need to get up to speed quickly on this.  I am very familiar with vb.net & ASP and programming languages.  If need be, I can upgrade top VS2005

Help?
0
Comment
Question by:robertjmackay
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
  • +1
11 Comments
 
LVL 11

Expert Comment

by:b_levitt
ID: 24051997
SSL is on the protocol level.  You don't need to do anything from a programming sense to your application to support it.  
0
 

Author Comment

by:robertjmackay
ID: 24052182
so how does my program know to use SSL or not?
0
 
LVL 23

Assisted Solution

by:Stacy Spear
Stacy Spear earned 200 total points
ID: 24052384
By the port used.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 3

Accepted Solution

by:
WeiXi earned 300 total points
ID: 24052493
In general, as b_levitt already pointed out, your program doesn't have to know about SSL at all.

The user connects to your web server (I suppose it's IIS), then the IIS calls your program which, in turn, returns some output. The SSL part is between the use and the IIS, not between the IIS and your program.

Thus, you have to configure the IIS to use SSL, not your program.
0
 

Author Comment

by:robertjmackay
ID: 24052799
I think I just got it.  I specify SSL or not when I add my application to the web server?

OK, The existing site uses SSL ... and I am assuming that using SSL requires a certificate (like I said - bit ignorant on all this stuff)  Will I need another certificate?
0
 
LVL 3

Expert Comment

by:WeiXi
ID: 24053056
> I specify SSL or not when I add my application to the web server?
Yes.

> Will I need another certificate?
Technically speaking, no. That depends on whether the data of the current certificate (owner, domain, etc.) is suitable for the new application.
0
 

Author Comment

by:robertjmackay
ID: 24053127
And how do I find out if it is or is not?  LOL keep in mind, this is all new to me
0
 
LVL 23

Expert Comment

by:Stacy Spear
ID: 24053244
A valid current cert is all that is needed. Connect to the webserver via https and examine the certificate.
0
 

Author Comment

by:robertjmackay
ID: 24053716
When I log on to the existing application and look at the security report.  A window pops up.  So if I am assuming correctly, providing my application resides on that domain, SSL will be in effect?

Verisign Class 3 Public Primary CA
has identified this site as
appserv.domain.ca
This connection to the server is encrypted

0
 
LVL 3

Expert Comment

by:WeiXi
ID: 24054373
> So if I am assuming correctly, providing my application resides
> on that domain, SSL will be in effect?

The way I understand your setting and question: yes.

However, a "domain" can host multiple web-applications, SSL and non-SSL at the same time. Again, this has nothing to do with your application, but with the way the IIS (or other web server) is set up.

If you plug your application into the web server in the same way as the current application is, then you will be fine. You will be using the same SSL-configuration and SSL-certificate as the current application.
0
 

Author Closing Comment

by:robertjmackay
ID: 31565877
I split the 500 points .. .basically 100 points for each response .. .excellent
thanks a bunch
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Imagine a situation that you have installed SSL (http://en.wikipedia.org/wiki/Secure_Sockets_Layer) Certificate on your Cisco ASA (Cisco Adaptive Security Appliance) firewall. Installation of SSL certificate on ASA is an another topic for which you …
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question