Solved

HTTPS on Web site

Posted on 2014-03-26
9
304 Views
Last Modified: 2014-04-01
Dear All

i want to implement HTTPS on my web site(ASP.NET & MS SQL 2008) . i have a dedicated server.

recommend me which certificate shall i buy and implement and how to implement it.


Thanks
0
Comment
Question by:Kamal Khaleefa
  • 4
  • 2
  • 2
  • +1
9 Comments
 
LVL 18

Accepted Solution

by:
Sushil Sonawane earned 250 total points
ID: 39958210
You can take self sign or CA certificate or purchase third party certificate from godaddy geotrust.

You are going to publish these server over the web i would recommend you purchase thrid party certificate.

To understand difference between third party and self sign certificate refer below link:

http://webdesign.about.com/od/ssl/a/signed_v_selfsi.htm

 http://social.technet.microsoft.com/wiki/contents/articles/15189.difference-between-self-signed-ssl-certificate-authority.aspx

To assign third party certificate in IIS refer below link:

http://www.digicert.com/ssl-certificate-installation-microsoft-iis-7.htm

http://support.godaddy.com/help/article/4801/installing-an-ssl-certificate-in-microsoft-iis-7

To Create a Self-Signed Server Certificate in IIS 7
http://technet.microsoft.com/en-us/library/cc753127(v=ws.10).aspx
0
 
LVL 58

Assisted Solution

by:Gary
Gary earned 125 total points
ID: 39959206
A self signed cert is of no use for a public facing website, you need a cert from a trusted authority.
Any of the big names will do (google ssl providers), if you want to try a free one then have a look at
http://www.startssl.com/
0
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 39959402
My go-to ssl provider is GeoTrust.  if you are running an ecommerce site you should have an Extended Validation Certificate.

https://www.sslshopper.com/cheapest-ev-ssl-certificates.html
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 58

Expert Comment

by:Gary
ID: 39959413
Extended validation offers no further security than a standard cert, even Amazon don't use them.
0
 
LVL 13

Assisted Solution

by:Greg Hejl
Greg Hejl earned 125 total points
ID: 39959533
Thats right Gary - it's all a scam.  The website tags available don't offer any more security either - but the general public - your customers, want the feel good that this stuff gives them, even though it is just a illusion.

A self signed certificate provides the same protection, with a purchased certificate your website is at least vetted to a company or individual.
0
 
LVL 58

Expert Comment

by:Gary
ID: 39959552
I don't think most people even know/understand the difference,
In Chrome the only visible difference is the little green background on the left of the address bar, normal certs get the green padlock.
0
 
LVL 16

Author Comment

by:Kamal Khaleefa
ID: 39962838
Thanks to all of you
My site will contain a payment facility for subscription

So from where i can buy good certificate
Give me some good sites

Thanks
0
 
LVL 58

Expert Comment

by:Gary
ID: 39962853
0
 
LVL 16

Author Closing Comment

by:Kamal Khaleefa
ID: 39969208
Thank you all
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
Ransomware is a growing menace to anyone using a computer or mobile device. Here are answers to some common questions about this vicious new form of malware.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question