I am setting up SSL certificates on a development environment using IIS 6 on W2k3.
I have a directory called login with a single page
login.asp which I would like only viewable over SSL.
So before installing or applying SSL permissions, the page is viewable through a browser. I can browse the page and it redirects etc. and all is good. However Basic Authentication is Base64 encoded so I want to secure the traffic from this page only.
I have created a dummy certificate in
makecert, installed it and added it to IIS. IIS is happy that it is trusted. I have selected the directory of
login and child files to "Require SSL channel". When I refresh my browser on
login/login.asp I get a "404: Page Not Found" in IE 8. So 2 issues here
- The page is now unviewable when using HTTPS.
- They must manually type the HTTPS (minor inconvenience for now)
If I turn off "Require SSL Channel" from IIS, it works again.
What part of the process am I missing as I have followed several tutorials on installed SSL certificates, but still come across this barrier.