Skip to main content

Related Articles

Loading...

How To Setup HTTPS Enabled Web Site

HTTP (Hypertext Transfer Protocol) is the normal web protocol that define how to browse a web site's content using its domain name. In HTTP data transmission between client machine and web server machine as means of plain text streams. Any person in between client machine and web server machine can read these information transfer through. If the data transmission should be secured and only authorized persons should be readable then it is needed to follow few steps further. There are several ways that can implement security for a website such as introduction of authorization/authentication methods, SSL (Secure Socket Layer), VPN (Virtual Private Network) etc. These methods have pros and cons with regards to the charasteristics. By implementing these techniques together we would be able to secure the site's contents further.

SSL (Secure Socket Layer) is used to transfer data between web server machine and client machine as encrypted data stream. SSL enabled websites should operated only on HTTPS protocol. These websites we called as HTTPS enabled or secured website. To implement SSL on our website we need to take security certificate from trusted third party organization. Verisign, COMODO, Thawte, Equifax, Go Daddy, Entrust and GeoTrust are leading SSL secure certificate providers. It is needed to select the correct secure certificate for your purpose and budget. You can concentrate on following while you are selecting a security certificate.
  1. Your budget
  2. Your purpose whether you need very high security or medium security
  3. Web server using
  4. Operating system that the web server is running
  5. Encryption algorithm
  6. Private Key size (normally 1024/2048)
  7. Warranty that they provided

Once you decided from which provider you are purchasing a certificate you need to follow few steps to complete the installation of certificate in the web server.

Step 1:

Before you install SSL security certificate you need to buy a commercial certificate or get a free test certificate. Free test certificates are only for testing purposes only and they are not allowed to use for commercial purposes. Before purchase or download test certificate you need to generate CSR (Certificate Server Request) from your web server. This request is contained all the necessary details to process a security certificate for your server. Please keep in mind that this certificate server request should generated only from the machine that your are going to install the certificate.

Open IIS Manager (Internet Information Services Manager) by browsing from Control Panel or run "inetmgr" command. Select the server name from left side pane. Double click on "Server Certificates" icon.


Fig 1: Server Certificate Icon


In "Actions" pane you will see few options such as Import, Create Certificate Request, Complete Certificate Request, Create Domain Certificates and Create Self-Signed Certificates.

Fig 2: Server Certificates window

If you have already installed security certificates are there it will down in server certificates list. To create new certificate server request click on "Create Certificate Request" link. It will open "Request Certificate" window.

Fig 3: Request Certificate window

Fill all the required details as of your domain and complete the form. At the end of the window it will asked a location to save your certification request. You can give any name for this file. Keep this file till you purchase your security certificate since it will ask the content of this file for certificate generation process.

Step 2:

Next step is to purchase your commercial certificate or download test certificate. Go to the site official web site of the security certificate provider you have been selected. Complete the security certificate apply forms and when it asks for CSR (Certificate Server Request) you should copy the content of CSR file you generated in step 1. When you are coping the content of this file, open that file only using plain text editors like notepad. Never use rich text editors like Ms-Word since it might add some additional characters. If everything success complete the certification application process and you will end up with the certificate generated for you by the certification authority. Final step is to install the purchased or downloaded certificate in your web server.

Step 3:
Fig 4: Complete Certificate Request window

From step 2 you will get a certificate file which is having extension as ".cer". Once you have this certificate file click "Complete Certificate Request" link in Actions pane. In "Complete Certificate Request" window browse your certificate and provide friendly name for easily identify the certificate among other installed security certificate in the server. Complete this window and you will get successfully installed your security certificate in your server.

Step 4:

Once you successfully installed security certificate in your web server next step is to bind the certificate with your particular web site. In one server there might have more than one certificates installed. You should specifically set which certificate should use by your web site. For that in IIS Manager select your particular web site and click on "Bindings" link in Actions pane. By default you will have only HTTP binding for a web site. You should add HTTPS binding and specify which security certificate or SSL certificate to use from the certificate drop down list.

If everything done you have successfully setup your HTTPS enables or Secured web site. Now browse your web site from your browser and see the progress of your work. Please make sure that you are typing "https://" not "http".

What is SSL?

SSL stands for Secure Socket Layer. It uses HTTPS (Hypertext Transfer Protocol Secure) protocol instead of general HTTP protocol. HTTPS is a combination of the Hypertext Transfer Protocol and a network security protocol.

HTTP operates at the highest layer of the TCP/IP Internet reference model, the Application layer; but the security protocol operates at a lower sublayer, encrypting an HTTP message prior to transmission and decrypting a message upon arrival.

HTTPS has also been known as "Hypertext Transfer Protocol over Secure Socket Layer", but now HTTPS may be secured by the Transport Layer Security (TLS) instead of Secure Sockets Layer (SSL) protocol.

To invoke HTTPS, one replaces "http://" with "https://" in the URI, or Web address.

HTTPS connections are often used for payment transactions on the Web and for sensitive transactions in corporate information systems.

Comments

Post a Comment

Popular posts from this blog

The Power of ChatGPT and Whisper Models

A Deep Dive into Natural Language Processing Natural Language Processing (NLP) has seen a significant boost in recent years due to advancements in artificial intelligence and machine learning. Two models that have shown remarkable success in NLP are ChatGPT and Whisper. In this article, we will delve into the power of these models and their applications in the field of NLP. ChatGPT is a transformer-based language model developed by OpenAI that uses unsupervised learning to predict the next word in a sentence based on the context of previous words. ChatGPT is a generative model that is trained on large datasets of text, such as books and articles, and can be fine-tuned for specific tasks, such as question-answering or dialogue generation. ChatGPT is known for its ability to produce human-like text, making it an ideal tool for applications such as chatbots, content creation, and language translation. Whisper, on the other hand, is a paraphrasing model developed by Google that is based on
Post a Comment
Read more

Angular PrimeNG checkboxes styling and events handling

  Getting Started With PrimeNG Styling in Angular App This chapter I am planning to show how you can handle events of the checkboxes. For that I will use checkbox for every card to place the order.  To use PrimeNG checkboxes you have to import checkbox module in app.module.ts file. import {CheckboxModule} from 'primeng/checkbox'; import { BrowserModule } from '@angular/platform-browser'; import { NgModule } from '@angular/core'; import { AppRoutingModule } from './app-routing.module'; import { AppComponent } from './app.component'; import { LandingComponent } from './modules/landing/landing.component'; import { HomeComponent } from './modules/home/home.component'; import { CardModule } from 'primeng/card'; import {CheckboxModule} from 'primeng/checkbox'; @NgModule({ declarations: [ AppComponent, LandingComponent, HomeComponent ], imports: [ BrowserModule, AppRoutingModule, CardModu
Post a Comment
Read more

Angular NgFor directive and trackby

Today we will learn about NgFor one of the core directive of angular. NgFor helps to build list and tables in Angular   Let us see the example in our flower store app. In the landing page I am going to print list of flowers that are available in the store. Later we will add images and show them in a carousel to rotate automatically. First we will create the domain class called flower.ts and you can copy paste below code.  export class flower{ constructor() { } name:string=''; price:number = 0; availableQuantity:number = 0 } To use this domain class inside another component you must specify export keyword along with the class keyword. Flower domain has 3 attributes to store name of the flower then price and the available quantity. Now we can create the array from the flower type as below inside the landing.component.ts file. myFlowerList:flower[]=[]; I will call a method inside ngOnInit to add values to the array as below. ngOnInit is one of t
Post a Comment
Read more