I am building a retail site and want to know what the “right” way to implement SSL in a .Net project means? I understand this is a little open, but I find the MS documentation on this subject a bit confusing. I want the whole site to use SSL, and I also read that the cookie used must also include certain switches so that it is not transmitted, even when using ssl, and subsequently can be read in plain text.
I use forms authentication and set in my web.config file for the site requireSSL, how can I make every page use a connection, etc.?
I am on a shared host, but their end is configured to use SSL, but I need to get my pages to use it, etc.
So, I configured my web.config file to use SSL in conjunction with authentication, payment and setting up my SSL on my host, and then what? Its all windows technology.
source
share