Lesson 5: Providing Secure Communication
The purpose of this lesson is to explain how Secure Sockets Layer (SSL) communication is implemented with IIS configuration and URIs.
- "To provide secure communication across the Internet, IIS supports a standardized means of encrypting and decrypting Web requests and responses."
A third-party corporate authority provides an encryption key called a "server certificate" for cryptographic communication on the SSL.
- "The Secure Sockets Layer" (SSL) is the standard means of ensuring that data sent over the Internet can't be read by others."
One article, "Enabling SSL in IIS on Windows XP Professional," shows how to set up SSL for testing purposes using SSL:
http://www.somacon.com/p41.php
- "Because the difference between using http and https is a somewhat obscure distinction for most users to remember, it's important to provide an http entry point for your application that links to the secure (HTTPS) pages."
The Blog post "Setting up SSL correctly with IIS and ASP.NET" by Paul Wilson touches upon this matter:
http://weblogs.asp.net/pwilson/archive/2004/12/23/331455.aspx