Solved

HTTPS on Web site

Posted on 2014-03-26
9
309 Views
Last Modified: 2014-04-01
Dear All

i want to implement HTTPS on my web site(ASP.NET & MS SQL 2008) . i have a dedicated server.

recommend me which certificate shall i buy and implement and how to implement it.


Thanks
0
Comment
Question by:Kamal Khaleefa
  • 4
  • 2
  • 2
  • +1
9 Comments
 
LVL 18

Accepted Solution

by:
Sushil Sonawane earned 250 total points
ID: 39958210
You can take self sign or CA certificate or purchase third party certificate from godaddy geotrust.

You are going to publish these server over the web i would recommend you purchase thrid party certificate.

To understand difference between third party and self sign certificate refer below link:

http://webdesign.about.com/od/ssl/a/signed_v_selfsi.htm

 http://social.technet.microsoft.com/wiki/contents/articles/15189.difference-between-self-signed-ssl-certificate-authority.aspx

To assign third party certificate in IIS refer below link:

http://www.digicert.com/ssl-certificate-installation-microsoft-iis-7.htm

http://support.godaddy.com/help/article/4801/installing-an-ssl-certificate-in-microsoft-iis-7

To Create a Self-Signed Server Certificate in IIS 7
http://technet.microsoft.com/en-us/library/cc753127(v=ws.10).aspx
0
 
LVL 58

Assisted Solution

by:Gary
Gary earned 125 total points
ID: 39959206
A self signed cert is of no use for a public facing website, you need a cert from a trusted authority.
Any of the big names will do (google ssl providers), if you want to try a free one then have a look at
http://www.startssl.com/
0
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 39959402
My go-to ssl provider is GeoTrust.  if you are running an ecommerce site you should have an Extended Validation Certificate.

https://www.sslshopper.com/cheapest-ev-ssl-certificates.html
0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 
LVL 58

Expert Comment

by:Gary
ID: 39959413
Extended validation offers no further security than a standard cert, even Amazon don't use them.
0
 
LVL 13

Assisted Solution

by:Greg Hejl
Greg Hejl earned 125 total points
ID: 39959533
Thats right Gary - it's all a scam.  The website tags available don't offer any more security either - but the general public - your customers, want the feel good that this stuff gives them, even though it is just a illusion.

A self signed certificate provides the same protection, with a purchased certificate your website is at least vetted to a company or individual.
0
 
LVL 58

Expert Comment

by:Gary
ID: 39959552
I don't think most people even know/understand the difference,
In Chrome the only visible difference is the little green background on the left of the address bar, normal certs get the green padlock.
0
 
LVL 16

Author Comment

by:Kamal Khaleefa
ID: 39962838
Thanks to all of you
My site will contain a payment facility for subscription

So from where i can buy good certificate
Give me some good sites

Thanks
0
 
LVL 58

Expert Comment

by:Gary
ID: 39962853
0
 
LVL 16

Author Closing Comment

by:Kamal Khaleefa
ID: 39969208
Thank you all
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
PHP 5.6 and 7.x 4 41
Running powershell scripts from ASP.NET 6 60
asp.net uploading picture to a temporary folder 4 26
Google Maps with Webforms 1 29
Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
Worried about if Apple can protect your documents, photos, and everything else that gets stored in iCloud? Read on to find out what Apple really uses to make things secure.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question