Microsoft KB Archive/928705

= How to use SSL to encrypt a Web site in Expression Web =

Article ID: 928705

Article Last Modified on 12/8/2006

-

APPLIES TO


 * Microsoft Expression Web

-



Introduction
This article discusses how to use Secure Sockets Layer (SSL) to encrypt a Web site in Microsoft Expression Web.



MORE INFORMATION
If you use the Encrypted connection required (SSL) option in Expression Web, your whole Web site uses the Secure Sockets Layer (SSL) port to encrypt all the data that is sent to or from Expression Web. With this option, you can also specify whether you want to use the SSL port for links to specific pages in a non-secured Web site. This article describes how to complete both encrypted authoring and encrypted browsing.

Use SSL for encrypted authoring
To use SSL for encrypted authoring in Expression Web, follow these steps:
 * 1) On the File menu, point to New, and then click Web Site.
 * 2) On the Web Site tab, click the template that you want to use.
 * 3) In the Web Site dialog box, type the HTTP location of the new site in the Specify the location of the new Web site box.

Note You can also select this location from the list, or click Browse to search for the location.
 * 1) Click to select the Use Encrypted connection (SSL) check box, and then click OK.

Note If you are creating a disk-based Web site, the Encrypted connection required (SSL) check box is not available.

For more information about how to create a new Web site in FrontPage 2000, click the following article number to view the article in the Microsoft Knowledge Base:

198092 How to create a new Web in Microsoft FrontPage 2000

SSL helps improve encrypted and authenticated communication between the client and the server based on public-key cryptography. To send an encrypted message, the sender uses the recipient's public key to encrypt the message. Then, the recipient uses the recipient's private key to decrypt the message. Because only the recipient has the private key that can decrypt the message, it is difficult for someone other than the recipient to decrypt the message.

To guarantee authenticity, a certificate accompanies the public key. A certificate is a digital signature on a digest of the friendly (human readable) name of the participant, together with the participant's public key. The certificate is encrypted by using the private key of the certification authority. To verify the authenticity of the public key of the participant, anyone can compute the digest of the friendly name and the public key for that participant. They can use the certification authority's public key to decrypt the certificate and verify that the same digest results.

Note Expression Web can use the Wininet.dll program interface if Microsoft Internet Explorer 5 or a later version is installed and if Internet Explorer 5 can use 128-bit encryption. If Internet Explorer 5 is installed with 40-bit encryption, Expression Web only uses 40-bit encryption. If Internet Explorer 5 or a later version is installed with 128-bit encryption, Expression Web can use 128-bit encryption.

Use SSL for encrypted browsing
If you do not want to use SSL to encrypt your whole Web site, you can use a fully qualified URL to mix ports on a single Web site. You can do this if you must have SSL encryption to search some of your pages. Web servers use a separate port for SSL connections. This port is identified by the protocol that the URL uses:
 * http:// for a Web site that is not encrypted
 * https:// for an encrypted Web site

To create an SSL link for a page, use a fully qualified URL. Do not use a relative URL to a specific file. For example, do not use the relative URL: default.htm Use the fully qualified URL:

https://example.microsoft.com/default.htm

The fully qualified URL forces the browser to use the SSL port (typically port 443) instead of the default port (typically port 80). To link from the SSL port to the default port, use a fully qualified URL with the protocol that is not encrypted. For example, use the following fully qualified URL:

http://example.microsoft.com/default.htm

To create an SSL link for encrypted browsing from a page in the Web site to another page, follow these steps:  Open the Web site in Expression Web, and then select the text that you want to use for your hyperlink. Click Insert, and then click Hyperlink. In the Address box, type the following:

https://

For example, type the following:

https://example.microsoft.com/default.htm

 Click OK.

Remote site settings
To use SSL connections on the Web server, you must use a certificate from a recognized certification authority to configure the server. If the server does not support SSL, click to clear the Encrypted connection required (SSL) check box when you set the remote Web site properties. If you do not do this, you cannot publish folders and files to the remote Web site. If you do not know whether the Web site supports SSL, contact the Web server administrator or Internet service provider.

