Testing Website using SSL on Localhost (IIS)
Introduction
SSL (Secure Socket Layer) is a cryptographic protocol developed by Netscape to provide communications security on internet. Cryptographic technology uses two keys to encrypt data, one for public (public key) and another for recipient (secret key). SSL enabled website communicates with web server by using security channel (secret key) that prevents tempering, eavesdropping (or simply say hacking). Mostly probably SSL is used on login section, payment system, online banking system etc that is very sensitive information for organization. When we enable the SSL for website URL will start with https:// instead of http://.
Requirements
To test this, you should have IIS installed. No need of extra software like Visual Studio or any other website development kit because only a single HTML file can be tested.
Follow the steps to enable SSL on Windows Server 2008 R2 Operating System; another Operating System may have little difference.
Step 1
Open IIS Manger and select root computer name > and double click on ‘Server Certifications’. Look at image given below.
Step 2
Now in appeared window you will find ‘Server Certificates’ that already installed. No problem if there is another one already exists, I recommend to delete all by selecting each and create a new one. If you are not using your system for professional website hosting then, delete all.
Look at right panel, you will find ‘Create Self-Signed Certificate’ click on it. You will be prompted to enter the friendly name for SSL and click on OK button. I’m using ‘itorian’ here. Look at image given below.
Step 3
After clicking on OK button you will find a new SSL entry. Now navigate to ‘Site List’ and right click on that to choose ‘Edit Binding’ option. Look at image given below.
Step 4
When you click on ‘Edit Binding’, you will get a new window asking for protocol type. There may be three four items, in my example there is only one by default that is ‘http’. No problem if you have many more. At least one should be there. Now click on ‘Add’ button and in the appeared window select the ‘Type’ to ‘https’ and ‘SSL Certificate’ to ‘itorian’. When you done, I recommend to delete all another protocol types, only keep https. Close the small window listing protocols at the end.
Step 5
Now everything is configures and enabled for you. Let’s test it.
Please note I only have single protocol that is ‘https’ so by default any browser reacts on http you have to use here https while requesting via browser.
That’s all about the SSL configuration on localhost.
Thank you Abhimanyu :)
ReplyDelete