Nothing is needed in the actual asp page.  Install the cert in IIS and
verify you're asp page is running off of https instead of http... you can
have a simple include file that checks
request.servervariables("server_name") for https, if it finds it, you're
secure, if not grab the path of the script currently running and redirect
(with javascript so it does actually redirect) to https://(server)/(script
path).

Problem with IIS (not sure if this exists in apache) is, you can only have 1
cert per webserver... meaning, you can't have 5 sites on 1 webserver all
using their own certificate... kinda bites.

Cheers,

Colin MacKenzie

-----Original Message-----
From: Jeremy Simpson [mailto:jsimpson34@e...]
Sent: Wednesday, January 22, 2003 9:14 AM
To: Security_asp
Subject: [security_asp] SSL Setup and ASP usage

What is required in ASP for a page to use SSL security? A budy of mine
says this: Once the SSL cert server is loaded, I think the
trick is just doing an include on each page that says "use that cert".
Is he correct? I want my ASP to allow Internet Users to logon using SSL.
What is involved when using SSL?

Thanks