November Happy Hour will be moved to Thursday December 5th.

SSL and Community

Vote:
 

Is there any limitationis on EPiServer Community (3.1) when it comes to using SSL on the server and entire solution?

Our client wants secure communication between client and server, and SSL will satisfy their requirements, but I dunno wether SSL and EC will function as normal still?

Thanx in advance

#27173
Jan 19, 2009 15:02
Vote:
 

No, there are no limitations regarding the use of SSL. However, using SSL over the whole site implies encrypting/decrypting operations that may slow things down in the transport layer. If the site is under heavy load, a general recommendation (and has really nothing to do with the community platform) is to use SSL only on sections where it is really needed.

#27243
Edited, Jan 21, 2009 21:35
Vote:
 

Hei Per,

Well, slowing things down/performance is secondary to security, so the SSL/TLS security has first priority.

But as a follow up question, do I need to write code to secure communication, or is this handled by the web server?

#27247
Jan 22, 2009 9:42
Vote:
 

The SSL encryption/decryption is handled by the web server.

You only need to install your SSL certificate and configure IIS to use your certificate for that specific site.

#27248
Jan 22, 2009 10:08
Vote:
 

Ok, thanks Cool

#27249
Jan 22, 2009 10:20
Vote:
 

If SSL is a vital part of the design you should install a SLL certificate on your development/test machines also to make sure you catch any gotchas early instead of the last day when you go into production with the "real" certificate.

You can create self signed certificates easy in IIS 7: http://weblogs.asp.net/scottgu/archive/2007/04/06/tip-trick-enabling-ssl-on-iis7-using-self-signed-certificates.aspx

On IIS 6 you use SelfSSL from the the IIS 6 resource kit.

 

 

#27263
Jan 22, 2009 11:21
Vote:
 

Made a blog comment on this, if anyone is interested in reading a "summary"

http://mariusslette.wordpress.com/2009/01/30/securing-community-communication-with-ssl/

#27522
Feb 02, 2009 11:00
This thread is locked and should be used for reference only. Please use the Legacy add-ons forum to open new discussions.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.