|
SSL - What is that ?
SSL : Secure Sockets Layer
There is something called SSL certificate which needs to be attached to the webserver to use the SSL feature.
Now what a passport does to you ? Passports authenticates the identity of an individual. Similarly SSL authenticates the identity of a Web site. That means whenever your internet browser hits a SSL website it knows that the website it is trying to open is an authentic website.
Authentication is just one function of SSL. After authentication the technology encrypts the information between browser and Webserver - which means that the connection between the browser and website is secure and any information you submit to the website is not accessible to any unauthorised person(s).
How to know whether the webpage have SSL ?
When the browser is about to visit some SSL website a warning message pops and announces that the coonections is about to be secure (unless someone checked it not to display the message again!).
Whenever a padlock icon is seen in the status bar of browser it signifies that we are now into a Secure domain with SSL. The next thing to look for is the address bar where the URL now starts with a https:// and not http:// (the usual one).
Need example : Take a look at the yahoo mail login page :
If the SSL certificate is invalid , tampered or just expired a security alert pops up.
How to implement SSL for your Website ?
A request for SSL Certificate needs to sent to a third party Certificate Authorities like:
Verisign
Thawte
InstantSSL
Entrust
Baltimore
Geotrust
Rapid SSL
OK gets started : Configuring SSL on IIS (6.0)
1. Open the Properties of default website by right clicking the default website (Iam Considering that the default website is where you want to implement SSL. If you have virtual hosts do it there). Every website at the webserver needs a seperate SSL certificate.
2. Select the Directory Security tab and then click over the Server Certificate Option.
3. The Server Certificate wizard will guide you through to create a certificate request file to be sent to the SSL certificate providers.
4. Select create a new certificate option.
I tried using SSL from a provider which gave free trial SSL certificate (active for a month) for this website. The digital certificate looked something like this :
-----BEGIN CERTIFICATE-----
MIID0TCCArmgAwIBAgIEAIaMyzANBgkqhkiG9w0BAQQFADCBozELMAkGA1UEBhMC
VVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UE
ChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrrSEwHwYDVQQLExhodHRwOi8vd3d3LnVz
ZXJ0cnVzdC5jb20xKzApBgNVBAMTIlVUTi1VU0VSRmlyc3QtTmV0d29yayBBcHBs
aWNhdGlvbnMwHhcNMDYwNzA0MDMzODMzWhcNMDYwODAzMDMzODMzWjCB6TELMAkG
A1UEBhMCSU4xHTAbBgNVBAoTFHd3dy5yaXRlc2htYW5kYWwuY29tMTgwNgYDVQQL
Ey9idXNpbmVzc3Byb2ZpbGUuZ2VvdHJ1c3QuY29tL2dldC5qc3A/R1Q5ODU0MDg0
NjExMC8GA1UECxMoU2VlIHd3dy5yYXB5ZHNzbC5jb20vcmVzb3VyY2VzL2NwcyAo
YykwNjEvMC0GA1UECxMmRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkIC0gRnJlZVNT
TChUTSkxHTAbBgNVBAMTFHd3dy5yaXRlc2htYW5kYWwuY29tMFwwDQYJKoZIhvcN
AQEBBQADSwAwSAJBAMs5egKCBvxzFQUz0JADrDF+1AOp1ANxEbhEs/5Py8lKJZ46
Ey+AWrYWjYOflCAkj9KoNGjl/Q3kkBiFYkqFqMMCAwEAAaOBjDCBiTARBglghkgB
hvhCAQEEBAMCBkAwDgYDVR0PAQH/BAQDAgTwMDUGA1UdHwQuMCwwKqAooCaGJGh0
dHA6Ly9jcmwuZ2VvdHJ1c3QuY29tL2NybH0vdXRuLmNybDAfBgNVHSMEGDAWgBT6
hsnb4LrpePVLqNYV3/DT4WoUPDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBAUA
A4IBAQCQnoIkaKCRlnKaHfmbHxb/0Ox3p/vginRRsWTfGVddQ+ez245iYCAwNIn0
zlxymsLmRumeM7IWcwtMsW8hxfq70Y0jgEHNWFeTO/Uk7ajMt+waslbpoIidciGC
EkqQHW4cqEK1hFGrw5zuKNuTOUsT0e4l+9YrBj/pzeIV/I2qpIdbQD02kcxNL+9/
WjtEgzgbOKGqj4MFCph/FG5kcV/i4D4PGzHHJmjADRblXW24fZUOs0Tcrtb8AapY
fASbD4uktDmg5VuHUkv8rVhyVyazkWpekaTFLLh3LA2awuld2t3JLdhMmx0InjDc
C+156RgbIjouvKIdh4rk/rBWlFD+
-----END CERTIFICATE-----
| 
