
Do I need an SSL Certificate for an Intranet application?

My application will be deployed to the user's server with an MSI installer, and the expectation is that it will run as an intranet application on their secure network.

However, as I'm using HTTPS on the entire site, I'm wondering how I can get a valid certificate.

I've generated a Dev one using MakeCert, but have no idea how to do this for Production.

I don't particularly mind about the verification side of the SSL, I just want the communications for the app to be encrypted.

I'd appreciate your thoughts/guidance with this.

Thanks!

arrkaye asked Jul 29 '16 20:07


2 Answers

This completely depends on your standards and your paranoia. According to that, you have a couple of options:

No HTTPS:

  • No green mark
  • No server authentication / prevention of man-in-the-middle attacks
  • No prevention of "stand by" sniffing

Self Signed Certs:

  • The user needs to "approve" the cert at least once (this is something where you have to guide your users through one by one, as most "normal" users don't handle it)
  • No server authentication / prevention of man-in-the-middle attacks
  • At least some prevention of "stand by" sniffing

Domain signed Cert: (when you are in a company, you usually have a domain controller, where you already have or can install a CA and sign certificates)

  • Costs nothing
  • Server authentication
  • Prevents "stand by" sniffing
  • Users outside your domain still need to manually approve this certificate

Free certificate (letsencrypt.com): (There are free authorities where you can get certificates from. As a dependency, you need to buy a valid domain, host your site under this domain, and either make the server publicly available (HTTP01 challenge) or use an SSL certificate provider with a supported API (DNS01 challenge))

  • Costs nothing
  • Server authentication
  • Prevents "stand by" sniffing
  • Everybody, in and outside your company's domain, trusts those certs

Buy a certificate (namecheap comodo, like 9$ per year): (you need to create a private key, then a CSR, send the CSR to the authority and get the normal cert back, which you can then install on your server with your private key)

  • Costs a little
  • Server authentication
  • Prevents "stand by" sniffing
  • Everybody, in and outside your company's domain, trusts those certs

Hope this helps. It's by far not complete, yet it should give you some overview.

chickahoona answered Sep 25 '22 19:09
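The private key, CSR and CA-signing steps from the answer above, and why a self-signed certificate gives no server authentication while one signed by an internal CA does, as an added example that is not part of either answer. It assumes OpenSSL 1.1.1 or later; the hostname `app.intranet.example` and the CA named "Example Internal CA" are constructed placeholders for the real server name and the company's domain CA.

```shell
#!/bin/sh
# Added example. HOST and the CA name are constructed placeholders.
set -eu
HOST="app.intranet.example"
WORK="$(mktemp -d)"
# Browsers match the hostname against subjectAltName, so the cert needs one.
printf 'subjectAltName=DNS:%s\n' "$HOST" > "$WORK/san.ext"

make_csr() {       # private key + CSR; only the CSR is ever sent to a CA
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$HOST" \
    -keyout "$WORK/server.key" -out "$WORK/server.csr" 2>/dev/null
}

make_ca() {        # stand-in for the company's internal (domain) CA
  openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
    -subj "/CN=Example Internal CA" \
    -keyout "$WORK/ca.key" -out "$WORK/ca.crt" 2>/dev/null
}

sign_with_ca() {   # what the CA does with the CSR it receives
  openssl x509 -req -in "$WORK/server.csr" -days 90 -sha256 \
    -CA "$WORK/ca.crt" -CAkey "$WORK/ca.key" -CAcreateserial \
    -extfile "$WORK/san.ext" -out "$WORK/server.crt" 2>/dev/null
}

self_sign() {      # same CSR, signed with the server's own key instead
  openssl x509 -req -in "$WORK/server.csr" -days 90 -sha256 \
    -signkey "$WORK/server.key" \
    -extfile "$WORK/san.ext" -out "$WORK/selfsigned.crt" 2>/dev/null
}

chains_to_ca() {   # exit 0 only if certificate $1 chains to the internal CA
  openssl verify -CAfile "$WORK/ca.crt" "$1" >/dev/null 2>&1
}

make_csr; make_ca; sign_with_ca; self_sign
for c in server.crt selfsigned.crt; do
  if chains_to_ca "$WORK/$c"; then
    echo "$c: trusted by clients that trust the internal CA"
  else
    echo "$c: NOT trusted (each user must approve it by hand)"
  fi
done
```

Both certificates encrypt the connection equally; only `server.crt` lets a client that trusts `ca.crt` confirm it is talking to the real server.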


You can just generate one for free. It's best if, say, you have a domain controller, DNS, and certificate server, if you are a Microsoft shop.

Here's an article: https://technet.microsoft.com/en-us/library/cc995096.aspx

Kevin answered Sep 25 '22 19:09