Skip to main content

Related Articles

Loading...

How To Setup HTTPS Enabled Web Site

HTTP (Hypertext Transfer Protocol) is the normal web protocol that define how to browse a web site's content using its domain name. In HTTP data transmission between client machine and web server machine as means of plain text streams. Any person in between client machine and web server machine can read these information transfer through. If the data transmission should be secured and only authorized persons should be readable then it is needed to follow few steps further. There are several ways that can implement security for a website such as introduction of authorization/authentication methods, SSL (Secure Socket Layer), VPN (Virtual Private Network) etc. These methods have pros and cons with regards to the charasteristics. By implementing these techniques together we would be able to secure the site's contents further.

SSL (Secure Socket Layer) is used to transfer data between web server machine and client machine as encrypted data stream. SSL enabled websites should operated only on HTTPS protocol. These websites we called as HTTPS enabled or secured website. To implement SSL on our website we need to take security certificate from trusted third party organization. Verisign, COMODO, Thawte, Equifax, Go Daddy, Entrust and GeoTrust are leading SSL secure certificate providers. It is needed to select the correct secure certificate for your purpose and budget. You can concentrate on following while you are selecting a security certificate.
  1. Your budget
  2. Your purpose whether you need very high security or medium security
  3. Web server using
  4. Operating system that the web server is running
  5. Encryption algorithm
  6. Private Key size (normally 1024/2048)
  7. Warranty that they provided

Once you decided from which provider you are purchasing a certificate you need to follow few steps to complete the installation of certificate in the web server.

Step 1:

Before you install SSL security certificate you need to buy a commercial certificate or get a free test certificate. Free test certificates are only for testing purposes only and they are not allowed to use for commercial purposes. Before purchase or download test certificate you need to generate CSR (Certificate Server Request) from your web server. This request is contained all the necessary details to process a security certificate for your server. Please keep in mind that this certificate server request should generated only from the machine that your are going to install the certificate.

Open IIS Manager (Internet Information Services Manager) by browsing from Control Panel or run "inetmgr" command. Select the server name from left side pane. Double click on "Server Certificates" icon.


Fig 1: Server Certificate Icon


In "Actions" pane you will see few options such as Import, Create Certificate Request, Complete Certificate Request, Create Domain Certificates and Create Self-Signed Certificates.

Fig 2: Server Certificates window

If you have already installed security certificates are there it will down in server certificates list. To create new certificate server request click on "Create Certificate Request" link. It will open "Request Certificate" window.

Fig 3: Request Certificate window

Fill all the required details as of your domain and complete the form. At the end of the window it will asked a location to save your certification request. You can give any name for this file. Keep this file till you purchase your security certificate since it will ask the content of this file for certificate generation process.

Step 2:

Next step is to purchase your commercial certificate or download test certificate. Go to the site official web site of the security certificate provider you have been selected. Complete the security certificate apply forms and when it asks for CSR (Certificate Server Request) you should copy the content of CSR file you generated in step 1. When you are coping the content of this file, open that file only using plain text editors like notepad. Never use rich text editors like Ms-Word since it might add some additional characters. If everything success complete the certification application process and you will end up with the certificate generated for you by the certification authority. Final step is to install the purchased or downloaded certificate in your web server.

Step 3:
Fig 4: Complete Certificate Request window

From step 2 you will get a certificate file which is having extension as ".cer". Once you have this certificate file click "Complete Certificate Request" link in Actions pane. In "Complete Certificate Request" window browse your certificate and provide friendly name for easily identify the certificate among other installed security certificate in the server. Complete this window and you will get successfully installed your security certificate in your server.

Step 4:

Once you successfully installed security certificate in your web server next step is to bind the certificate with your particular web site. In one server there might have more than one certificates installed. You should specifically set which certificate should use by your web site. For that in IIS Manager select your particular web site and click on "Bindings" link in Actions pane. By default you will have only HTTP binding for a web site. You should add HTTPS binding and specify which security certificate or SSL certificate to use from the certificate drop down list.

If everything done you have successfully setup your HTTPS enables or Secured web site. Now browse your web site from your browser and see the progress of your work. Please make sure that you are typing "https://" not "http".

What is SSL?

SSL stands for Secure Socket Layer. It uses HTTPS (Hypertext Transfer Protocol Secure) protocol instead of general HTTP protocol. HTTPS is a combination of the Hypertext Transfer Protocol and a network security protocol.

HTTP operates at the highest layer of the TCP/IP Internet reference model, the Application layer; but the security protocol operates at a lower sublayer, encrypting an HTTP message prior to transmission and decrypting a message upon arrival.

HTTPS has also been known as "Hypertext Transfer Protocol over Secure Socket Layer", but now HTTPS may be secured by the Transport Layer Security (TLS) instead of Secure Sockets Layer (SSL) protocol.

To invoke HTTPS, one replaces "http://" with "https://" in the URI, or Web address.

HTTPS connections are often used for payment transactions on the Web and for sensitive transactions in corporate information systems.

Comments

Post a Comment

Popular posts from this blog

The Power of ChatGPT and Whisper Models

A Deep Dive into Natural Language Processing Natural Language Processing (NLP) has seen a significant boost in recent years due to advancements in artificial intelligence and machine learning. Two models that have shown remarkable success in NLP are ChatGPT and Whisper. In this article, we will delve into the power of these models and their applications in the field of NLP. ChatGPT is a transformer-based language model developed by OpenAI that uses unsupervised learning to predict the next word in a sentence based on the context of previous words. ChatGPT is a generative model that is trained on large datasets of text, such as books and articles, and can be fine-tuned for specific tasks, such as question-answering or dialogue generation. ChatGPT is known for its ability to produce human-like text, making it an ideal tool for applications such as chatbots, content creation, and language translation. Whisper, on the other hand, is a paraphrasing model developed by Google that is based on...
Post a Comment
Read more

SMPP protocol library for fast and easy SMSC(Short Message Service Centre) client development even for non-telecom guys

SMS sending through .NET C# is really easy. But most of the guys face many issues with SMSC client developments. SMPP protocol has many parameters to configure, but for simple SMPP gateway application you need very few of them to configure correctly. This article will cover how to implement SMSC client application using EasySMPP library. EasySMPP is a free SMPP library used by many people to implement SMS sending applications. There are many SMPP libraries but EasySMPP library is very easy to use and relatively stable. EasySMPP library mainly contain five class library projects. KernelParameters, SMPPClient, SMSClient, SMSService and Tools are the library projects and you only need to use SMSClient library to implement SMPP client application. First download EasySMPP library and add class library project to your .NET C# solution.  1. public bool SendSms( string from, string to, string text)
Post a Comment
Read more

Setting up the react native development environment

  This tutorial I am going to focus on how to install and build your first React Native application. There are two methods you can follow to develop React Native app. If you are very new to mobile development and not familiar with setting up mobile development environment, I would suggest to start with Expo CLI. Expo is a set of tools to build React Native application. It has may features; you have to select suitable features to develop your app in minutes. You need only a recent version of Node.js and a phone or emulator. If you want to test your React Native application on your web browser before installing any tools, you may use Snack.   If you are familiar mobile developer from other languages and want to try out React Native, you may try out React Native CLI. For that you need to install either Xcode for iOS or Android Studio for Android OS.   If you are a beginner, my personal suggestion is to go for Expo CLI and familiar with the React Native features and...
Post a Comment
Read more