ASP.NET and Secure Socket Layer

  • Thread starter Thread starter Leszek
  • Start date Start date
L

Leszek

Hello,

Is there anywhere on the net a simple step-by-step guide how to implement
SSL with ASP.NET? My Internet provider enables this feature and I would like
to use it to authenticate users on my WebForms.

Thanks,
Leszek Taratuta
 
Leszek said:
Hello,

Is there anywhere on the net a simple step-by-step guide how to implement
SSL with ASP.NET? My Internet provider enables this feature and I would like
to use it to authenticate users on my WebForms.
Click to expand...

Not sure what you mean - should you not just be able to just prefix https in
the URL, and just go? This normally is all handled by the web server
software (such as IIS), and there certainly is no webform interaction
necessary.

R.
 
That's great!
I thought I need to do some changes to my webforms or the code.

Thanks,
Leszek Taratuta
 
Hi Leszek,

Firstly I want to thank Richard for his great help in this issue.

Based on my research and experience, the following articles are useful to
you.

INFO: Help Secure Forms Authentication by Using Secure Sockets Layer (SSL)
http://support.microsoft.com/default.aspx?scid=kb;en-us;813829
"...
By default, the cookie that contains the forms authentication ticket is not
secured when you use forms authentication in a Microsoft ASP.NET Web
application. This article describes how to help secure forms authentication
by using Secure Sockets Layer (SSL)..."

INFO: Building Secure ASP.NET Web Applications Guide
http://support.microsoft.com/default.aspx?scid=kb;en-us;330246
"...
How To: Set Up SSL on a Web Server
..."

I hope it helps.

Best regards,

Jacob Yang
Microsoft Online Partner Support
Get Secure! ¨C www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.
 
the only thing you probably need to do is check if your
secure pages have been accessed using HTTPS and not HTTP.
if they're accessed by HTTP you probably should redirect
to HTTPS...

something like this

if(!Request.IsSecureConnection) Response.Redirect
("https://www.mysecuresite.com");
 
Back
Top