|
asp.net application - http to https
My asp.net application (developed using vs2003) runs fine on a windows
2000 server using iis 5.0. Our network manager wants to do away with any http connections and only use https for services that are used by external users. I have not got a clue how to go about this. My users are authenticated directly by querying a sql table where the user names and passwords are stored. What do I need to do to my application or IIS so that internal users use http and external use https? Any help on this will be appreciated. |
Re: asp.net application - http to https
Whbat you're talking about is using SSL (Secure Sockets Layer). This
encrypts data being sent back and forth between client and server. You need to obtain and install a Secure Certificate on the web server first. See http://www.verisign.com/ssl/ssl-information-center/ for details. After that, it's simply a matter of ensuring that all links in the web site are via HTTPS instead of HTTP, by changing any absolute path references to use "https://" instead of "http://" A relative path that comes from an HTTPS-requested page will use the same protocol. -- HTH, Kevin Spencer Microsoft MVP Chicken Salad Surgery What You Seek Is What You Get. <bkasmai@gmail.com> wrote in message news:1158337454.649153.314450@e3g2000cwe.googlegro ups.com... > My asp.net application (developed using vs2003) runs fine on a windows > 2000 server using iis 5.0. Our network manager wants to do away with > any http connections and only use https for services that are used by > external users. I have not got a clue how to go about this. My users > are authenticated directly by querying a sql table where the user names > and passwords are stored. What do I need to do to my application or IIS > so that internal users use http and external use https? Any help on > this will be appreciated. > |
Re: asp.net application - http to https
Thanks for you help. I am now much more conversed with https than I was
before. Do i really need to go through the bother of acquiring a digital certificate if all we need is to allow remote users from another private lan to access our application via https? The firewalls on both sides make sure that only machines with specific ip addresses can get through. The main reason for using https is the security of data while on transit from one private network to another. Can we use a self certification cheme? Do we need certification for every Web server in our network? The application is an asp.net with virtually all codes behind on the server with no explicit reference to http:// ... within the codes? PS Please forgive may ignorance. The main focus of my work is on application develpment rather than implementation. Kevin Spencer wrote: > Whbat you're talking about is using SSL (Secure Sockets Layer). This > encrypts data being sent back and forth between client and server. You need > to obtain and install a Secure Certificate on the web server first. See > http://www.verisign.com/ssl/ssl-information-center/ for details. After that, > it's simply a matter of ensuring that all links in the web site are via > HTTPS instead of HTTP, by changing any absolute path references to use > "https://" instead of "http://" A relative path that comes from an > HTTPS-requested page will use the same protocol. > > -- > HTH, > > Kevin Spencer > Microsoft MVP > Chicken Salad Surgery > > What You Seek Is What You Get. > > <bkasmai@gmail.com> wrote in message > news:1158337454.649153.314450@e3g2000cwe.googlegro ups.com... > > My asp.net application (developed using vs2003) runs fine on a windows > > 2000 server using iis 5.0. Our network manager wants to do away with > > any http connections and only use https for services that are used by > > external users. I have not got a clue how to go about this. My users > > are authenticated directly by querying a sql table where the user names > > and passwords are stored. What do I need to do to my application or IIS > > so that internal users use http and external use https? Any help on > > this will be appreciated. > > |
Re: asp.net application - http to https
Hi,
I'm not sure if it will helps you. But for my intranets, I generate an SSL certificate with my own certificate authority created on a windows 2k3 server. It's really simple to implments if your goal is to crypt data (you only need to install certificate authority component). Otherwise, If your goal is to authenticate your server you have to fallow KB on implementing a PKI infrastructure. Hope it will help you. Vincent http://varod.blogspot.com bkas...@gmail.com a écrit : > Thanks for you help. I am now much more conversed with https than I was > before. Do i really need to go through the bother of acquiring a > digital certificate if all we need is to allow remote users from > another private lan to access our application via https? The firewalls > on both sides make sure that only machines with specific ip addresses > can get through. The main reason for using https is the security of > data while on transit from one private network to another. Can we use a > self certification cheme? Do we need certification for every Web server > in our network? The application is an asp.net with virtually all codes > behind on the server with no explicit reference to http:// ... within > the codes? > > PS Please forgive may ignorance. The main focus of my work is on > application develpment rather than implementation. > > > Kevin Spencer wrote: > > Whbat you're talking about is using SSL (Secure Sockets Layer). This > > encrypts data being sent back and forth between client and server. You need > > to obtain and install a Secure Certificate on the web server first. See > > http://www.verisign.com/ssl/ssl-information-center/ for details. After that, > > it's simply a matter of ensuring that all links in the web site are via > > HTTPS instead of HTTP, by changing any absolute path references to use > > "https://" instead of "http://" A relative path that comes from an > > HTTPS-requested page will use the same protocol. > > > > -- > > HTH, > > > > Kevin Spencer > > Microsoft MVP > > Chicken Salad Surgery > > > > What You Seek Is What You Get. > > > > <bkasmai@gmail.com> wrote in message > > news:1158337454.649153.314450@e3g2000cwe.googlegro ups.com... > > > My asp.net application (developed using vs2003) runs fine on a windows > > > 2000 server using iis 5.0. Our network manager wants to do away with > > > any http connections and only use https for services that are used by > > > external users. I have not got a clue how to go about this. My users > > > are authenticated directly by querying a sql table where the user names > > > and passwords are stored. What do I need to do to my application or IIS > > > so that internal users use http and external use https? Any help on > > > this will be appreciated. > > > |
Re: asp.net application - http to https
Thanks. This was helpful.
Vincent A. wrote: > Hi, > > I'm not sure if it will helps you. But for my intranets, I generate an > SSL certificate with my own certificate authority created on a windows > 2k3 server. It's really simple to implments if your goal is to crypt > data (you only need to install certificate authority component). > Otherwise, If your goal is to authenticate your server you have to > fallow KB on implementing a PKI infrastructure. > > Hope it will help you. > > Vincent > http://varod.blogspot.com > > bkas...@gmail.com a écrit : > > > Thanks for you help. I am now much more conversed with https than I was > > before. Do i really need to go through the bother of acquiring a > > digital certificate if all we need is to allow remote users from > > another private lan to access our application via https? The firewalls > > on both sides make sure that only machines with specific ip addresses > > can get through. The main reason for using https is the security of > > data while on transit from one private network to another. Can we use a > > self certification cheme? Do we need certification for every Web server > > in our network? The application is an asp.net with virtually all codes > > behind on the server with no explicit reference to http:// ... within > > the codes? > > > > PS Please forgive may ignorance. The main focus of my work is on > > application develpment rather than implementation. > > > > > > Kevin Spencer wrote: > > > Whbat you're talking about is using SSL (Secure Sockets Layer). This > > > encrypts data being sent back and forth between client and server. You need > > > to obtain and install a Secure Certificate on the web server first. See > > > http://www.verisign.com/ssl/ssl-information-center/ for details. After that, > > > it's simply a matter of ensuring that all links in the web site are via > > > HTTPS instead of HTTP, by changing any absolute path references to use > > > "https://" instead of "http://" A relative path that comes from an > > > HTTPS-requested page will use the same protocol. > > > > > > -- > > > HTH, > > > > > > Kevin Spencer > > > Microsoft MVP > > > Chicken Salad Surgery > > > > > > What You Seek Is What You Get. > > > > > > <bkasmai@gmail.com> wrote in message > > > news:1158337454.649153.314450@e3g2000cwe.googlegro ups.com... > > > > My asp.net application (developed using vs2003) runs fine on a windows > > > > 2000 server using iis 5.0. Our network manager wants to do away with > > > > any http connections and only use https for services that are used by > > > > external users. I have not got a clue how to go about this. My users > > > > are authenticated directly by querying a sql table where the user names > > > > and passwords are stored. What do I need to do to my application or IIS > > > > so that internal users use http and external use https? Any help on > > > > this will be appreciated. > > > > |
| All times are GMT. The time now is 01:32 AM. |
Powered by vBulletin®. Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.