Hello everyone, I've been developing a web application using ASP.NET 2.0. On this project I've created a directory named 'secure' and inserted on it all pages I intended to be accessed via https. I've now subscribed to the SSL add-on and need to choose a Common Name. I think I'll use something like secure.mydomain.com. I have few questions regarding this subject, since I've never used SSL before. 1 - Is it possible to define just a directory (and its pages and sub-directories) as secure (accessed via https)? 2 - If yes, would it be possible as well for someone to access them via normal http? 3 - If I choose a Common name such as secure.mydomain.com, and since that is a subdomain, would there be any problem with redirects, etc. regarding the functionality I desire (i.e. securing a specific directory)? Thanks in advance. Regards.
1 - Is it possible to define just a directory (and its pages and sub-directories) as secure (accessed via https)? - If yes, would it be possible as well for someone to access them via normal http? when you enable the SSL addon, your whole site will work with both HTTP and HTTPS. If you want, we can configure any folder to require HTTPS connection, ie. you get an error when you try to access the directory w/ HTTP. 3 - If I choose a Common name such as secure.mydomain.com, and since that is a subdomain, would there be any problem with redirects, etc. regarding the functionality I desire (i.e. securing a specific directory)? No. When you have SSL Enabled, all subdomain will get pointing to your site root, eg. www.yourdomain.com and secure.yourdomain.com is the same. Bruce DiscountASP.NET www.DiscountASP.NET
You might give http://www.codeproject.com/aspnet/WebPageSecurity_v2.asp#whatsnewa look. I have implimented it on my site and it works great. -Ken