Creating And Using C# Web Application Over HTTPS - SSL

Whenever we use a Web Application, a common concern is security. As Messages are transferred in plain text over the network, anyone can intercept the message and read it. So a solution is to use HTTPS (SSL) instead of HTTP, so that the communication gets encrypted.

Description

You simply need to do the following:

• Install a Certificate (Issued by Certificate Authority) on the Web Server.
• Create a Web Application using .Net.
• Configure the Web Application to use SSL in IIS.
  

• Path to the Exe.
  /Program Files/Microsoft Visual Studio 8/SDK/v2.0/bin/MakeCert.exe
   
• Create and Install the certificate on the Local Machine
  Makecert -sr LocalMachine –ss My –n CN=ServiceModelSamples-HTTPS-Server –sky exchange –sk ServiceModelSamples-HTTPS-Key.

• Type inetmgr in Run dialog box and open IIS.
• On the Default Website Properties, Select the Directory Security tab:
  
  
   
• Select 'Server Certificate' from 'Secure Communication' section.
• In the popup Wizard, select 'Assign an Existing Certificate'.
• Click and Select HTTPS-Server certificate and finish the wizard.
• Now right-click on your web Application Virtual directory in IIS and select Properties.
  
  
   
• Select Directory Security tab.
• Click on Edit button.
  
  
   
• Check Require Secure Channel (SSL).
• Press OK and Exit the Properties.

View Result

Test the Web Application for HTTPS.

Now in the browser, browse to your web Application, such as:

https://devpoint.dwny1.ca.kp.org/Point2/App_Web/login.aspx

The Browser will show "The page must be viewed over a secure channel".