Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms

ScottHa has a great blog Working with SSL at Development Time is easier with IISExpress, but I’ve got what I think is a better approach. Please weigh in.

In this blog entry I’ll show you how to test SSL on your ASP.NET MVC & WebForms  applications using IIS 7. You should make sure you have IIS 7 set up on your Windows 7 computer before proceeding. See my blog Test your ASP.NET MVC or WebForms Application on IIS 7 in 30 seconds for instructions.

Create a new ASP.NET MVC 3 Application called MvcSSL in the C:\Webs folder. Accept all the defaults.

Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第1张图片

WARNING: IIS cannot run an ASP.NET project that has been created in the default Visual Studio project folder (C:\users\<user>\Documents\Visual Studio 2010\Projects). Select a folder where IIS can access the files, such as C:\Webs.

Build and run the application.

Right click the solution and select Properties.

Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第2张图片

  1. Select Web in the left pane.
  2. Under Servers, select the Use Local IIS Web server radio button.
  3. Select the Create Virtual Directory button.

Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第3张图片

Should you get the message:

Unable to create the virtual directory. To access Web sites on the local IIS Web server, you must run Visual Studio under an Administrator account.

Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第4张图片

Read it and follow the directions and you’ll be rewarded with a friendlier message.

Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第5张图片

Now go back to IIS manager, refresh and drill down in the Default Web Site. Select Browse *:80(http) in the right pane.

Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第6张图片

Adding a SSL Cert the Super Ninja way.

  1. Download and unzip Thomas Demels awesome SelfSSL7 tool. Read about SelfSSL7 here.
  2. Open a administrative command prompt in the SelfSSL7 directory.
  3. Substitute your machine name for Q3 (which was my machine) and run the following command:
    SelfSSL7.exe /Q /T /I "Default Web Site" /N cn=Q3;cn=localhost /V 1000

That’s it. You now have a self signed certificate for testing.

Open Global.asax and add RequireHttps to all controllers and action methods.

public static void RegisterGlobalFilters(GlobalFilterCollection filters) {            filters.Add(new RequireHttpsAttribute());             filters.Add(new HandleErrorAttribute());        }

Build the application and refresh the browser. Note IIS Manager now includes the SSL port.

Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第7张图片

Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第8张图片

Click on the lock icon to examine the certificate.

Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第9张图片

Next Steps

Change the URL to use the machine name instead of localhost.

Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第10张图片

To access this site from a remote computer, you’ll probably have to open up port 443.

To configure the firewall for HTTPS (port 443)

  1. From the Start menu, enter wf.msc

    Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第11张图片
  2. In the console tree, click Inbound Rules, and then click New Rule.

    Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第12张图片
  3. In the Rule Type page, click Port, and then click Next.

    Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第13张图片
  4. On the Protocols and Ports page, select TCP, and then click Specific local ports.  Enter port 443. Then click Next.

    Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第14张图片

    5. On the Action page, click Allow the connection, and then click Next.

    Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第15张图片

    6. On the Profile page, make sure that the Domain, Private, and Public check boxes are selected, and then click Next to accept the default profile.

    Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第16张图片

    7. On the Name page, under Name,  type something like World Wide Web Services (Rick’s HTTPS Traffic-In).

    Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第17张图片

  5. You can now test the the site from a remote computer, but it won’t be trusted.

    Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第18张图片

     

  6. Export the certificate and import on a remote computer. Run the following command (change the computer name from Q1 to your computer).

C:\Users\ricka\Downloads\SelfSSL7>SelfSSL7.exe /Q /T /I "Default Web Site" /N cn=Q1;cn=localhost /
V 1000 /K 2048 /X /F q1.pfx /W 5$ecURE!

  • Navigate to the PFX file from a remote computer. Double click on the PFX file to start the import wizard.

    Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第19张图片
  • Select Next.

    Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第20张图片
  • Select Next and enter the password. (I used 5$ecURE! in the example).

    Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第21张图片
  • Select Place all certificates in the following store, then select Browse.

    Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第22张图片
  • Click OK.

    Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第23张图片

  • Click Finish.

    Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第24张图片
  • You should now be able to browse from the remote computer without warning.

Testing with FireFox

  1. Using FireFox,, browse to the MvcSSL site. FireFox will issue a warning and not display the page.

    Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第25张图片
  2. Select Add Exception.

    Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第26张图片
  3. You can now browse to the site without a warning.

    Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms_第27张图片

 

 

Trackback:

http://blogs.msdn.com/b/rickandy/archive/2011/04/22/better-faster-easier-ssl-testing-for-asp-net-mvc-amp-webforms.aspx

你可能感兴趣的:(asp.net)