stackoom
  简体   繁体   中英

How asp.net website supports https(ssl)?

 原文  2013-12-24 03:34:15       c#/ asp.net/ ssl/ https

Question

I used asp.net to made a website, it's been worked and maintained for 3 years. Now customer required me to support https to make clients' requests and personal information secure in the internet. This is not a huge website but only with user login and online products reservation.

Requirements are:

1. If users not logged in, http without ssl, once user logged in, https enabled.

2. User logged out, return to http.

Currently, we paid for a RapidSSL certificate and waiting for agent's response. I'm not sure how many changes still necessary for the web applications? How asp.net 2.0 support ssl for these requirements.

2 answers

solution1
 0  2013-12-24 04:22:57

The First thing you need to install the certificate on the server which will your web application place.

In my case , i will use Security Switch -- > https://code.google.com/p/securityswitch/

You can choose to protect certain folder in your web config, you also can choose which folder you want to ignore. 

 <securitySwitch mode="Off" xmlns="http://SecuritySwitch-v4.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="SecuritySwitch-v4.xsd">
<paths>
  <!-- You should only need one of these paths based on where your login/logon page/view is accessed from. -->
  <add path="~/Account/" />
  <add path="~/Application/" />  
  <add path="~/Images/" security="Ignore" />
  <add path="~/Scripts/" security="Ignore" />
</paths>

solution2
 0  2013-12-24 05:09:04

You may also need to require the user's browser to connect using https as some don't do it automatically. I'm not sure if the tool above does this automatically but you can do this with web.config like this.. 

<system.webServer>
<rewrite>
        <rules>
            <clear />
            <rule name="Redirect to https" stopProcessing="true">
                <match url="(.*)" />
                <conditions>
                    <add input="{HTTPS}" pattern="off" ignoreCase="true" />
                </conditions>
                <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" />
            </rule>
        </rules>
    </rewrite>
</system.webServer>

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to set up SSL?HTTPs in asp.net Will ASP.Net 4.0 website work on new server which supports only ASP.Net 4.8 framework Asp.net WebAPI enable Cors to specific SSL/https origin How can I implement Https/SSL connection on Asp.Net Web API? How can I testrun my SSL-Required ASP.NET MVC Website in Visual Studio? How to use SSL in ASP.NET application How to implement SSL in asp.net how to load files on asp.net website how to create a link for an asp.net website? How to display table in ASP.NET website?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM