Solved

SSL, Certificates, IIS 7.0

Posted on 2013-06-05
2
429 Views
Last Modified: 2013-06-06
If I install a certificate on my default web site.  Will it automatically apply to my entire web site on install OR do I go to the folders I want secured with this and set that up from there.

I am worried about intalling at the default site level and impact on entire site when I only need to secure a few folders.'

I know I can do this through IIS properties but not sure what will happen initially when the certificate is installed or if during the install I should select specific settings to make sure it will not impact the entire site.

Please let me know how to make sure my entire site is not impacted.
0
Comment
Question by:kdschool
2 Comments
 
LVL 33

Assisted Solution

by:paulmacd
paulmacd earned 200 total points
ID: 39223370
When you install it, it will apply to the whole site.  This doesn't force browsers to connect via HTTPS - that's up to you - but it makes HTTPS available everywhere on the site.
0
 
LVL 7

Accepted Solution

by:
ded_ch earned 300 total points
ID: 39223377
Hi

No, simply adding the https binding to the site and adding the certificate will not make ssl mandatory for the site just yet.
For that, you would have to set the ssl security setting to "require ssl".

You can apply the https binding to the whole site and add the certificate.
Then you navigate "in content view" to the file or folder you want to protect.
Once you selected it, switch to the "features view" and go to the SSL Settings. Here, select "Require SSL". This will make https(ssl) mandatory for that selected file or folder.
The main website "can" be accessed using https (since there is a binding for it) but it is not mandatory.
Only when the user calls the subfolder or file will he be required to use ssl.

Source: http://technet.microsoft.com/en-us/library/cc755203%28v=ws.10%29.aspx
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now