Enabling SSL on a Commerce Server Site

  • Article

In an e-commerce site, you process sensitive information, such as customer credit card numbers. This data must be encrypted and transmitted over a secure channel. For implementing secure data transfer, you use Secure Sockets Layer (SSL).

To implement this functionality, you need to acquire a digital certificate and install it on your server(s). You can apply to one of the certification authorities for a digital certificate. Some of the commonly known commercial certification authorities are VeriSign, CyberTrust, and GTE.

SSL is a scheme for protocols such as HTTP (named HTTPS when secure), FTP, and Network News Transfer Protocol (NNTP). When you use SSL to transmit data:

  • The data is encrypted.
  • A secure connection is established between the source and destination servers.
  • Server authentication is enabled.

To enable SSL on a Commerce Server site

  1. In Internet Services Manager, use the Web Server Certificate Wizard to install and configure a server certificate on your Web server. For instructions, see "Setting Up SSL on Your Server" in the IIS 5.0 documentation.

  2. In Commerce Server Manager, expand Commerce Sites, and then click the site you want to administer.

  3. Expand Applications, right-click the application you want to configure, and then click Properties.

  4. In the <application> Properties dialog box, on the General tab, select Enable HTTPS.

  5. In the Web Servers tab, click Synchronize Values to copy the SSL port property from IIS to the Commerce Server Administration database.

    The default value for the SSL port is 443. If you have a value other than 443 here, you must type that value in the Secure host name box on the General tab (for example, www.microsoft.com:441).

Ee796580.note(en-US,CS.20).gifNote

See Also

Deploying a Secure Site

Configuring an Application

Configuring a Web Server

Configuring CS Authentication Resource Properties

Copyright © 2005 Microsoft Corporation.
All rights reserved.