Q. How do I establish a Secure Connection?

[joe_pool_is]

I have been trying to learn how to establish a secure connection for one of our webforms. Everything I have found seems to be very involved and lengthy, but all I am interested in is how to tell .NET to turn the secure connection "ON" when I need it, and "OFF" when I am finished.

 

Could someone give me a rundown of the basics? Example: PageA.aspx is Non-Secure. The OK button on it directs the customer to Secure PageB.aspx (in the same folder). PageB.aspx directs the customer to a third Non-Secure PageC.aspx when PageB.aspx's OK button is clicked.

[bri189a]

http is non-secure

https is secure

 

If you want your page to be under a secure connection direct to it via https://yoursite.com/yourpage.html

 

You'll need a certificate for it to complete correctly, but that's a whole differant issue, this is just the basic concept.

[joe_pool_is]

Where do certificates come from?

 

Are they inserted or declared in the code somewhere? If so, the HTML or the ASP.NET code?

 

Is the certificate something that gets stored on the server?

[bri189a]

Where do certificates come from?

 

Are they inserted or declared in the code somewhere? If so, the HTML or the ASP.NET code?

 

Is the certificate something that gets stored on the server?

You purchase certificates from a CA (Certificate Authority). They are installed on the web server. You shouldn't have to worry about anything other than finding out if your web hosting company supports certificates and if they have a preferred vendor (usually will get you a discount). They aren't cheap; some web host such as mine offer a shared certificate; this is what I use with my web host because it's free with the hosting. There is no coding you need to worry about; you would be able to check through the Server object (I believe) to see if your on a secure connection, but that's about it.