Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

HTTPS on Web site

Posted on 2014-03-26
9
Medium Priority
?
351 Views
Last Modified: 2014-04-01
Dear All

i want to implement HTTPS on my web site(ASP.NET & MS SQL 2008) . i have a dedicated server.

recommend me which certificate shall i buy and implement and how to implement it.


Thanks
0
Comment
Question by:Kamal Khaleefa
  • 4
  • 2
  • 2
  • +1
9 Comments
 
LVL 18

Accepted Solution

by:
Sushil Sonawane earned 1000 total points
ID: 39958210
You can take self sign or CA certificate or purchase third party certificate from godaddy geotrust.

You are going to publish these server over the web i would recommend you purchase thrid party certificate.

To understand difference between third party and self sign certificate refer below link:

http://webdesign.about.com/od/ssl/a/signed_v_selfsi.htm

 http://social.technet.microsoft.com/wiki/contents/articles/15189.difference-between-self-signed-ssl-certificate-authority.aspx

To assign third party certificate in IIS refer below link:

http://www.digicert.com/ssl-certificate-installation-microsoft-iis-7.htm

http://support.godaddy.com/help/article/4801/installing-an-ssl-certificate-in-microsoft-iis-7

To Create a Self-Signed Server Certificate in IIS 7
http://technet.microsoft.com/en-us/library/cc753127(v=ws.10).aspx
0
 
LVL 58

Assisted Solution

by:Gary
Gary earned 500 total points
ID: 39959206
A self signed cert is of no use for a public facing website, you need a cert from a trusted authority.
Any of the big names will do (google ssl providers), if you want to try a free one then have a look at
http://www.startssl.com/
0
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 39959402
My go-to ssl provider is GeoTrust.  if you are running an ecommerce site you should have an Extended Validation Certificate.

https://www.sslshopper.com/cheapest-ev-ssl-certificates.html
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 58

Expert Comment

by:Gary
ID: 39959413
Extended validation offers no further security than a standard cert, even Amazon don't use them.
0
 
LVL 13

Assisted Solution

by:Greg Hejl
Greg Hejl earned 500 total points
ID: 39959533
Thats right Gary - it's all a scam.  The website tags available don't offer any more security either - but the general public - your customers, want the feel good that this stuff gives them, even though it is just a illusion.

A self signed certificate provides the same protection, with a purchased certificate your website is at least vetted to a company or individual.
0
 
LVL 58

Expert Comment

by:Gary
ID: 39959552
I don't think most people even know/understand the difference,
In Chrome the only visible difference is the little green background on the left of the address bar, normal certs get the green padlock.
0
 
LVL 16

Author Comment

by:Kamal Khaleefa
ID: 39962838
Thanks to all of you
My site will contain a payment facility for subscription

So from where i can buy good certificate
Give me some good sites

Thanks
0
 
LVL 58

Expert Comment

by:Gary
ID: 39962853
0
 
LVL 16

Author Closing Comment

by:Kamal Khaleefa
ID: 39969208
Thank you all
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses
Course of the Month20 days, 15 hours left to enroll

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question