Monday, June 11, 2007

How to make website SSL enable.

Secure Socket Layer(SSL) is used for secured communication over the internet. Banking services, e-commerce etc. websites implement SSL so that they can be accessible through Https protocol for secured communication. If you wish, you can configure only a section of your website should be accessible through https and rest of the website can be accessed through http protocol. Like in the online shopping website only the payment section of the website can be configured to be access through https protocol.

In order to make website SSL enabled, we need a certificate. There are many different web sites that provide certificates for use on IIS like www.verisighn.com.
Although, windows comes pre-installed with some certificates of trusted companies. These certificates can be viewed by running certmgr.msc from the comsole window. For any certificate in the list of trusted certificates your program(IE), will not give you warning when you access their website with SSL enabled.

To show how to setup an SSL website we will use a trial certificate that Verisign provides to anyone. Before that create the certificate request.

Follow these steps:

1. Open the IIS manager window.
2. Right click on the website/virtual directory and choose property window.
3. In the Property window choose Directory Security tab and click on server certificate button.
4. Certificate Wizard window will open, click on next and choose Create a new certificate option. Now follow the wizard steps.
5. The web server certificate wizard will create a certificate request and it will ask you where you want to save it to. Save it somewhere where you can easily access it because you will need to open up the file and submit it to Verisign in order for a certificate response to be sent back to you.
6.Open the text file that contains certificate request and copy its content.
7. Now open http://www.verisign.com/ in IE. Once the page has loaded up find the link "SSL Trial ID" and click on it.
8. The Verisign web site will now take you though the process of obtaining a certificate.
9. In this process on the step "Submit CSR" enter in the certificate request that you copied earlier and click on continue.
10. After the process steps complete, your certificate response will be e-mailed to you.
11. Now check your mail account for the certificate response,At the bottom of the e-mail Verisign sent you is the certificate that you need. Copy this text from the BEGIN CERTIFICATE to the END CERTIFICATE include those lines.
12. Open notepad, paste the text into it and save the file as response.txt.
13. Go back to your web site's Properties dialog and click on the Directory Security tab. Click on the Server Certificate button. Click "Next" until you come to the screen shown. Make sure the "Process the pending request and install the certificate" option is selected. Click Next.
14.In the next screen click on browse to browse the response.txt file, click on next and complete the rest of the steps.
15. Click on the "Edit" button located in the Directory Security tab of the web site's Properties dialog.
16. Check the "Require secure channel (SSL)" checkbox and click on OK.

Now Our site have become SSL enabled.To access your SSL enabled website use https instead of http.


To configure a perticular web page inntead of whole site to be accessed using https protocol, right click on that perticular web page in the IIS manager and open its property window.Click on the "Edit" button located in the Directory Security tab of the web site's Properties dialog and Check the "Require secure channel (SSL)"
checkbox and click on OK.

6 comments:

Munish said...

Nice Article !! i was looking for something like this to make a page SSL in the web site. Thanks!!

bhanu said...

nice article, could you give some detail regarding client certificate autentication and which sites uses client certificate authentication

Anonymous said...

Good article

creation site internet annecy haute savoie said...

If you want a flawless and functional website, let the professional do the work for you. They know best how to represent your ideals and plans.

Rachat de credit said...

Thanks a lot for the guide, this information was extremely important for me to master how to make website ssl enable.. Thanks

Anonymous said...

Nice thanks!!!!