Points of My Scenario:
1. I am admin of a web server on Windows Server 2008 R2 Enterprise.
2. IIS is enabled, running, and has a working website deployed
3. The website is configured with a certificate
4. Clients received HTTP Error 403 when attempting https (SSL) access
5. I removed the requirement for certificates in IIS 7: I unchecked the "Require SSL" checkbox & I chose the "Ignore" option for "Client Certificates" (all under the website's SSL Settings).
6. Users are still able to access the site using https://
QUESTION: Are users' https connection encrypted/secure? Please provide documentation links where possible.