Enabling Encryption

You can require users to establish an encrypted channel (https:// rather than http://) with your server before accessing a restricted Web site, directory, or file. The use of an encrypted channel, however, requires that the user's Web browser and your Web server both support the encryption scheme used to secure the channel. Specifically, when you enable your Web server's default secure communication settings, you require the user's Web browser to support a session key strength of 40 bits, or greater.

Important

 

To enable encryption

Note   You cannot establish secure, encrypted communications unless you have installed a valid server certificate. See Using the New Security Task Wizards and Obtaining a Server Certificate for more information.

  1. In the Internet Information Services snap-in, select a Web site, directory, or file, and open its property sheets.
  2. If you have not previously created a server key pair and certificate request, select the Directory Security or File Security property sheet, then under Secure Communications, click Server Certificate. The Web Server Certificate Wizard will guide you through the procedures. For more information about the new wizard, see Using the New Security Task Wizards.
  3. If you have previously created a server key pair and certificate request, select the Directory Security or File Security property sheet, then under Secure Communications, click Edit.
  4. In the Secure Communications dialog box, select the Require secure channel (SSL) check box.
  5. Instruct users to establish a secure HTTPS connection with your Web content (that is, the URL for the restricted Web site should start with https:// rather than http:// ).
  6. Notes


© 1997-1999 Microsoft Corporation. All rights reserved.