How to use SSL to enhance IIS security

Source: Internet
Author: User
How to use SSL to enhance IIS security
[Author: anonymous post: Network clicks: 1989 Entry: A New]
Principle:
I will post a detailed explanation about SSL:
SSL Basics

To protect the security of sensitive data during transmission, many well-known enterprises around the world adopt the SSL (Security Socket Layer) encryption mechanism. SSL is a security and confidentiality protocol proposed by Netscape. It is used in browsers (such as Internet Explorer and Netscape Navigator) and Web servers (such as Netscape Enterprise Server and ColdFusion Server) secure channels are constructed between them for data transmission. SSL runs on the TCP/IP layer and under the application layer to provide encrypted data channels for applications. It uses encryption algorithms such as RC4, MD5, and RSA, A 40-bit key is used to encrypt business information. At the same time, Netscape developed the HTTPS protocol and built it into its browser. HTTPS is actually SSL over HTTP, which uses the default port 443, instead of using port 80 as HTTP to communicate with TCP/IP. The HTTPS protocol uses SSL to encrypt the original data on the sender and then decrypt the data on the receiver. encryption and decryption require the sender and receiver to exchange the common key. Therefore, the transmitted data is not easily intercepted and decrypted by network hackers.

However, the encryption and decryption process requires a large amount of system overhead, seriously reducing the performance of the machine. the test data shows that the efficiency of data transmission over HTTPS is only one in 10 of the data transmission over HTTP. If SSL technology is enabled for all web applications of a website for security and confidentiality, and the HTTPS protocol is used for transmission, the performance and efficiency of the website will be greatly reduced, this is not necessary because not all data requires such a high level of security and confidentiality. Therefore, we only need to use HTTPS protocol for interaction and processing of confidential data, in this way, both the fish and the bear's paw can be achieved.
========================================================== ============================
Implementation:
You need to install the Certificate Server, apply for a certificate on the server where IIS is located, and install it.

1. Install the Certificate Server. on the server, add/delete programs, Windows Components, find the Certificate Server, and install it. Restart and check whether the service is started.

2. You need to apply for a certificate for the IIS server:

In the IIS web site attributes, Directory Security, certificate, apply for server certificate, at this time, if the Certificate Server is online, you can directly apply.

Then, edit the certificate and select "enable SSL"

You can use the HTTPS protocol in your browser.

This is the basic situation.

 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.