10

I have a web app (ASP.NET MVC4) and I need to enable HTTPS/SSL to it.

I checked a lot of articles and tutorials on how to do it, but I didn't get one thing:

Some places talks only about the configuration of IIS :

  1. RapidSSL:

https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&actp=CROSSLINK&id=SO22345

  1. Nice blog:

http://weblogs.asp.net/scottgu/tip-trick-enabling-ssl-on-iis7-using-self-signed-certificates

And some places talks only about code (within the app):

  1. TrailMax:

http://tech.trailmax.info/2014/02/implemnting-https-everywhere-in-asp-net-mvc-application/

So my question is how I need to approach this topic?

I want to enable the HTTPS with a temporary self-signed certificate and then buy a real certificate, what do I need to do? Configure IIS? Configure my code? Both?

If someone could guide me through this.

Thank you

Improve this question
2
  • 2
    You need to create a self signed certificate and configure IIS to use it, both those steps are explained in the links you provided. This will enable you to start developing on your machine. Once you're ready to hit production you'll need to buy a SSL certificate and configure it on IIS. Basically you've everything you need, you only need to try now :) Commented Sep 14, 2014 at 8:33
  • You have added some good material, Thank you. Commented Feb 24, 2015 at 10:00

1 Answer 1

Reset to default
8
  1. The first article describes how to install a new rapidSSL certificate
  2. The second describes how to install a self-signed certificate (not signed with any trusted certificate authority, mainly used for testing purposes) - you want to do this
  3. The last article describes what to do if you want to restrict your mvc website only to https (http requests will ben not possible then). Steps 1 or 2 must be completed before you start to work on this. It depends on your requirements if you need to restrict your site only to https.
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

So if i want to restrict the use to HTTPS only I need to do step 1 and 2 from the last article and than the second article (" how to install a self-signed certificate"), did I understand you completely?
Install the certificate first and then implement the restrictions.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.