I'm working on an e-commerce site and we've just purchased a secure certificate to transmit a shopping cart to the payment gateway without fear of tampering.
Question is, should the whole site be built on https:// or should only the form which posts to the payment gateway be secure?
I find that all the values of the session variables i have created is empty when i use https. I am sucessfully able to use these session variables in the other pages that does not use https.
While making a shopping cart and using https for checkout process. What is the best method to retrieve cart values like item, total etc. Currently i'm using session to access these values in different pages during checkout but the problem is what i have mentioned above when i use https. What method do u prefer and how does it work?.
I have a question regarding https and SSL between two web
sites. I am not quit understand how asp application can
handle https, encryption and SSL. Here is scenario:
An asp application on my web site requires to get form
data from web client and to convert the data with XML
format and send the data to another web site which only
accepts https protocol.
If my site needs to receive information from the remote
web site, then I know a digital certificate needs to be
installed on my side. and https configuration needs to be
implemented on local web server.
However, if all of local side need to do is to send data
to remote web server with data encrypted, do I still need
to install digital certificate and enable https on local
web server? If not, how can I encrypt data with the the
certificate so it can be accepted by remote server and be
decoded by remote server side?
I'm in a non-secure page (http). When I click on a submit button, I'm about to enter the secure page (https). But I got the popup saying that I'm about to enter a non-sercure page, wanna continue(yes,no).
If I click YES, it take me to "https" page. This doesn't make any sense at all.
I need to implement in my site the HTTPS. But I don't know anything about
this. Can someone help me or give me a way to learn about it?
I'm trying to detect if the user is utilizing HTTP or HTTPS in the address
bar. The following code responds true regardless of whether I use HTTP or HTTPS.
What should I be using? In the end, if the user types in HTTP, I will
redirect them to HTTPS.
<%
If Request.Servervariables("https") <> "" Then
Response.Write "this is https...OK!!!"
End If
%>
I have enforced SSL connections on my website to make it secure. My problem is if the users go to http://wesite-url they get an error message saying:The page must be viewed over a secure channel
The page you are trying to view requires the use of "https" in the address.
Instead of showing this error page, I want to automatically redirect them to https://website-url. Is it possible?? Do I need to to program this in gloabal.asa?
I have a site that requires a checkout process. THe checkout process occurs in the secure server. I need to pass session variables from one server to the next.
View Replies View RelatedI've integrated a secure certificate into my e-commerce site. However, when I forward people to the account log-in area (https) all of the relative links on the page obviously then point to http://www.mydomain/homepage for example.
How do I do what Dabs do, and redirect these links back to non-secure pages, without hard-coding all links as full URLs?
I am developing an application over the web(intranet app). Now my problem
has to do with secure communication
between browser and webserver. I want to enable secure communication using
https. Are there any alternatives other than buying certificate for virtual
directory ?
I am trying to write a routine that allows users to download files from our secure site, with the code below the file will download and when you click save i get an IE error. However when the page is not https the routine runs just fine. Any Ideas?
View Replies View RelatedI have a login page that's https and after logging in should redirect to the
home page http://www.example.com
<form id="Form1" method="post" runat="server">
No matter what I've tried it tries to redirect to https://www.example.com
(https)
Exact error is:
The page cannot be displayed:
......
500 Internal Server Error - The network logon failed. (1790) Internet Security and Acceleration Server
Does anyone have any clue as to what's going on here, and how to fix it?
I wish to have a web site that has most of the pages as normal HTTP pages
but has some areas that use HTTPS. I want to have it that if a user selects
a link to a HTTPS page that they go there an there Session Information is
kept. I also wish to have the pages switch automatically to HTTPS if a
visitor types the URL without the HTTPS. So my questions are:
1) How to redirect to a Secure Page without losing Session Info?
2) How to test if page is accessed by HTTPS, and if not switch to HTTPS
quickly?
I think something like this code is what I want but how do I do it.
<%
if not "HTTPS" then
response.redirect(https://mysite.com/securepage.asp)
end if
%>
How I can enable or configure https on a certain page(file).
View Replies View RelatedI am using the following code in my default.asp page to redirect the page
from HTTP to HTTPS
<%
if Request.ServerVariables("HTTPS") = "off" Then
Response.Redirect("https://" & Request.ServerVariables("HTTP_HOST") &
Request.ServerVariables("URL"))
End if
%>
I got the code off of a website and found that many web sites had similar
code for doing the same thing. The problem I am having is that the code
will not redirect to the HTTPS and will keep reloading the page. Is there a
setup issue with IIS that I might be missing?
I am trying to access a .NET web service over https:// using Microsoft.XMLHTTP but I am receiving "A security problem occurred. , Number=>-2146697202" error. I guess it is bacause of https certificate challenge. Is there a way to accept the certificate in ASP.
My sample code is:
Just to explain what's going on briefly... I've added an include to the top of all files on our site (this code is pasted below) to check IP address, and then some pages will display slightly different content for our Canadian or US customers.
This works fine in Firefox. However, in IE, when a Canadian visitor comes it doesn't display canadian content on the http version of any page. Once they go to a https page, it works just fine. After that, if they go back to an http page it still displays properly. Code:
if a URL is
https://www.mysite.com/mypage.asp
clients are redirected to
http://www.mysite.com/mypage.asp
This works fine for all but 1 client. He looses a session during the
redirect. Apparently his browser interprets https:// and http:// as
different domains.
I need some help/pointers here. I maintain an ASP/MSSQL e-commerce site.
I need to force the use of HTTPS for private/payment data and force back HTTP on other pages. Some googling taught me the use of checking Request.ServerVariables("HTTPS"). Though GET data/QueryStrings are passed all my POST data is lost because of the REdirect. Code: