Moving to SSL / HTTPS

Recently I have walked the talk and have moved my personal site to HTTPS.

Although I have already moved, redirected and configured many many web front end to use SSL, I haven’t got around to implement this to my own websites. In comparison, my site is not a transactional site or doing any registration – I only use this as my portfolio site as well as a live test environment where I can experiment, learn, validate and do pretty much everything without any impact to anyone but me.

There are a lot of articles here, herehere, here, here and there regarding the pros and cons of having a site over HTTPS.  Basically from what I am reading now is it has an additional cost and additional load but it has to be done.

And thanks to modern tech, the move is fairly easy:

  1. Choose your CA. – Validation and Order
  2. Create CSR – Using a tool or MMC / Inetmgr
  3. Install PFX to your website. – Azure Website Basic Tier and Above.
  4. Auto redirection – using IIS URL Rewrite Rules (Azure) with a demo of TFS Online 🙂

So here’s my contribution to the secure modern web! Happy SSL!

image_thumb[5]_thumb

So this exercise got me thinking, we are really in the age of the cloud service already. From requesting certificates to installation, scaling my application and even a source code rebuild-test-deploy scenario and I haven’t touched not a single MMC or any server directly. The old concepts are there from web deploy about file being used or using a IIS manager to request for a CSR and fulfilling the certificate request but in a modern way. Difference is I used to do MSTSC but now, I am talking to the web browser. This could have taken days to do or even weeks not to mention there would be misconfiguration from my end but now, I am up and running “as I wish”.  Hmm. 🙂

Published by

johndelizo

Hi, I'm John. I am a developer, currently creating digital assets that protects people and their future. I am a certified SAFe Agilist, completing my LOMA certification, Microsoft Certified Developer (MCTS, MCPD), Azure certified and Microsoft Certified Trainer (MCT) alumni. I'm also a Microsoft MVP awardee for 8 years specializing Software Packaging, Deployment & Servicing as well as Cloud & Datacenter Management. Disclaimer: This is a personal blog. The opinions expressed herein are my own personal opinions and do not represent my employer’s view in any way. All content provided on this blog is for personal content and makes no representation as the accuracy or completeness of any information on this blog or found by following any link on this site.

One thought on “Moving to SSL / HTTPS”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s