Setting HTTPS On Your Website

Normally we create a website and host it in IIS and it can be used with http. In order to apply https, we need to create a self signed certificate (which is for development purposes only and not production deployments) and bind it with the website. So let's see how we can do this.

To start with we will create a new ASP.NET application and host it in IIS, as normal hosting. So we have a website which is configured to be used on http  only. Check out the settings below:

add website

Now the application is hosted and we can browse it.

browse

Now in order to apply HTTPShttps, we need to create a self signed certificate and we can easily do it in the IIS itself. Note that this certificate generation process is only for development purpose. For production purposes we cannot use this certifcate.

To generate the test certificate, select the Root node of the IIS and select "Server Certificates" option on the right panel.

Server Certificates

In the right most panel, select the option: "Create Self-Signed certificate." This will open a pop-up to generate the certificate .

Create Self-Signed certificate

Specify a name for the certificate and Click "Ok" and the certificate will be generated and will be available in the list:

certificate

Now, go to your website and select "Bindings." Select "Add Binding" option.

Add Binding

Select the "Type" as "https" and select the "SSL Certificate" as the one we created above. Click "Ok" and it's done.

SSL Certificate

Restart the website and browse it using the "https" binding. Being a "Self signed certificate" the user will be presented with a warning message to continue to website, by the browsers. Click continue and the website it configured to use "https."

https

Happy coding.

Read more articles on Security in .NET:


Similar Articles