About Secure Sockets Layer

Applies To: Windows Server 2003, Windows Server 2003 with SP1

IISĀ 6.0 uses the Secure Sockets Layer (SSL) protocol, which provides a way of establishing an encrypted communication link with users. SSL is a public key-based security protocol that is used by Internet services and clients to authenticate each other and to establish message integrity and confidentiality. SSL uses certificates for authentication, and it uses encryption for message integrity and confidentiality. To establish encrypted communications using SSL, you must have a valid server certificate installed.

SSL confirms the authenticity of your Web site and, optionally, confirms the identity of users that are accessing restricted Web sites. You can use the SSL encryption features of your Web server to cryptographically encode information transmitted and received by your Web server. When you enable SSL encryption, you can prevent unauthorized individuals from decoding the original content of your transmissions. For example, you can use encryption to help protect the private information that clients exchange with your server, such as credit card numbers or phone numbers.

When you set security properties for a specific Web site, you automatically set the same security properties for directories and files belonging to that site, unless the security properties of the individual directories and files have been previously set.

Your Web server will prompt you for permission to reset the properties of individual directories and files when you attempt to set security properties for your Web site. If you choose to reset these properties, your previous security settings will be replaced by the new settings. The same condition applies when you set security properties for a directory containing subdirectories or files with previously set security properties.

To maintain the performance level of your Web server, consider using SSL encryption only for sensitive information, such as financial transactions. Encrypted transmissions can significantly reduce transmission rates and server performance.