SSL for dummies

I need to develop an VS2003 ASP.net - VB web application that uses SSL. This new application will be started from an existing application written in ????? that already uses SSL.

I am a newbie with SSL and not really sure where to begin, but I need to get up to speed quickly on this.  I am very familiar with vb.net & ASP and programming languages.  If need be, I can upgrade top VS2005

Help?
robertjmackayAsked:
Who is Participating?
 
WeiXiConnect With a Mentor Commented:
In general, as b_levitt already pointed out, your program doesn't have to know about SSL at all.

The user connects to your web server (I suppose it's IIS), then the IIS calls your program which, in turn, returns some output. The SSL part is between the use and the IIS, not between the IIS and your program.

Thus, you have to configure the IIS to use SSL, not your program.
0
 
b_levittCommented:
SSL is on the protocol level.  You don't need to do anything from a programming sense to your application to support it.  
0
 
robertjmackayAuthor Commented:
so how does my program know to use SSL or not?
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
Stacy SpearConnect With a Mentor President/Principal ConsultantCommented:
By the port used.
0
 
robertjmackayAuthor Commented:
I think I just got it.  I specify SSL or not when I add my application to the web server?

OK, The existing site uses SSL ... and I am assuming that using SSL requires a certificate (like I said - bit ignorant on all this stuff)  Will I need another certificate?
0
 
WeiXiCommented:
> I specify SSL or not when I add my application to the web server?
Yes.

> Will I need another certificate?
Technically speaking, no. That depends on whether the data of the current certificate (owner, domain, etc.) is suitable for the new application.
0
 
robertjmackayAuthor Commented:
And how do I find out if it is or is not?  LOL keep in mind, this is all new to me
0
 
Stacy SpearPresident/Principal ConsultantCommented:
A valid current cert is all that is needed. Connect to the webserver via https and examine the certificate.
0
 
robertjmackayAuthor Commented:
When I log on to the existing application and look at the security report.  A window pops up.  So if I am assuming correctly, providing my application resides on that domain, SSL will be in effect?

Verisign Class 3 Public Primary CA
has identified this site as
appserv.domain.ca
This connection to the server is encrypted

0
 
WeiXiCommented:
> So if I am assuming correctly, providing my application resides
> on that domain, SSL will be in effect?

The way I understand your setting and question: yes.

However, a "domain" can host multiple web-applications, SSL and non-SSL at the same time. Again, this has nothing to do with your application, but with the way the IIS (or other web server) is set up.

If you plug your application into the web server in the same way as the current application is, then you will be fine. You will be using the same SSL-configuration and SSL-certificate as the current application.
0
 
robertjmackayAuthor Commented:
I split the 500 points .. .basically 100 points for each response .. .excellent
thanks a bunch
0
All Courses

From novice to tech pro — start learning today.