如何将 HTTP Asp.net WebForms 解决方案转换为 HTTPS?
我开发了一个asp.net WebForms管理系统。默认情况下它通过 http 运行。如何转换为使用 https?或者我应该考虑做什么?
I developed an asp.net WebForms management system. It runs over http by default. How can I convert to use https? Or what should I consider to do it?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
一般来说,您无需执行任何操作。因为像 Response.Redirect 等任何命令都不会包含 https://。
那么,要为您的网站设置 https 吗?此配置发生在 Web 服务器上,您的代码和迄今为止构建的内容不必更改。
当然对于https来说,那么你需要有一个安全证书。
它们的成本可能相当高。要设置安全证书,您的网站在几乎所有情况下都必须面向公众。 (因为安全证书提供者必须是可访问的。如果你在防火墙后面或者只是在你的计算机上开发,那么这是不可能的。(你的网站在开发过程中不会公开暴露)。
当然,就在几年前, veri-sign 或其他公司颁发的主要证书每年要 300 美元以上,但是,go-daddy 每年颁发的证书价格约为 100 美元
。免费的开源证书之一是 Lets-Encrypt,但是,即使使用他们的安全证书(它们持续 3 个月,然后必须重新更新 - 但他们的过程现在已经相当自动化)。那么
,设置 https 吗?
即使对于安全网站,如果您使用 Visual Studio 并在计算机上工作(使用 Visual Studio 和默认的 IIS Express 版本),那么您也可以继续开发。这样,https不是必需的,因此在大多数情况下设置和打开 https 不需要对您的代码或站点进行任何更改。因此,证书过程和设置是在您的服务器上完成的。
但是,如前所述,在大多数情况下,您需要一个公共 url/域,然后在启动并运行之后,您可以设置 https 并在 Web 服务器上安装安全证书。
以下是一些步骤,但它确实建议您熟悉 IIS 的设置。
https:// weblog.west-wind.com/posts/2016/Feb/22/Using-Lets-Encrypt-with-IIS-on-Windows
如前所述,对于开发来说,在大多数情况下它不是 问题。因此,这主要是 IIS 配置和设置 - 不会影响或更改您的代码甚至现有站点。
当然,请咨询您的托管提供商,如今,基本托管计划通常会包含每月托管价格的安全证书。
如果这是一个面向内部的站点(仅限公司网络 - 不面向外部),那么您可能可以使用自签名证书(您可以谷歌 IIS Windows 设置自签名证书以获取更多详细信息)。
。
As a general rule, you don't have to do anything. Since any command like Response.Redirect etc. never included https://.
so, to setup https for your site? This configuration occurs on the web server, and your code and what you built so far does not have to be changed.
Of course for https, then you need to have a security certificate.
They can be quite costly. And to setup a secuirty certificate, your web site in near all cases has to be public facing. (becuase the security certifice provider has to be accessbile. If you behind a firewall or simply deveoping on your computer, then that's not possbile. (your web site during developing is not public exposed).
Of course, while just a few years ago, a major certificate issued by veri-sign or others? They were $300+ dollars per year. But competition, and go-daddy was issuing them for about $100 per year.
However, now? You can use the free open-source ones. One of the most popular ones is lets-encrypt. However, even using a secuirty certifice from them (they last 3 months, and then have to be re-newed - but their process is quite much automated now).
So, setting up https? You do that on the web server.
Even for a secuired web site, if you using Visual Studio and working on your computer (using Visual studio and the default IIS express edition), then you can continue to develop that way, and https is not required. So setup and turning on https for the most part should not require any changes to your code, or your site. The certificate process and setup is thus done with your server.
But, as noted, in most cases, you need a public url/domain, and THEN after that is up and running, you can setup https and install the security certificate on the web server.
Here is some of the steps, but it does suggest that you have familiarly with setting up IIS.
https://weblog.west-wind.com/posts/2016/Feb/22/Using-Lets-Encrypt-with-IIS-on-Windows
As noted, for development, in most cases it not a issue. So, this is going to be mostly a IIS configuration and setup - not something that will matter or change your code or even your existing site.
And of course, check with your hosting provider, these days, often a basic hosting plan does and will include a security certificate for the monthly hosting price.
If this is a internal facing site (company network only - not to outside), then you probably can get away using a self-signed certificate (you can google IIS windows setup self-signed certificate for more details).
.