Hi Tom It can be more complicated than that, take a look at this.
http://nickcraver.com/blog/2013/04/23/stackoverflow-com-the-road-to-ssl/ On Fri, Nov 28, 2014 at 8:40 AM, Tom P <tompbi...@gmail.com> wrote: > Hi Noonie > > That sounds good. So it can be turned on later on if necessary. > > Is it necessary for me to "demand" SSL for LogIn type methods as those > should definitely be secure in a live environment? It doesn't concern me > while developing but it scares me to think the administrators may simply > forget to turn on SSL and then LogIn details will float around not > encrypted and the blame will find me somehow. > > > Thanks > Tom > > > > On 27 November 2014 at 20:35, noonie <neale.n...@gmail.com> wrote: > >> Tom, >> >> You can ignore all that stuff as it should have nothing to do with your >> web application. >> >> It's a "server thing" when running behind IIS etc. and all the magic >> happens lower down the stack. >> >> -- >> noonie >> On 27/11/2014 4:20 pm, "Tom P" <tompbi...@gmail.com> wrote: >> >>> Noob question here. >>> >>> How would I go about adding SSL to a MVC site? Is it simply a matter of >>> turning a switch on in the server somewhere and the admins can do it or do >>> things need to be done in code? I am reading a whole variety of ways such >>> as adding attributes, filters, configuration settings, cookie properties, >>> certificates and so on. Seems complicated. I was under the impression I >>> could do without it in development and have it simply "turned on" once it >>> goes live. Is this not the case? >>> >>> >>> Thanks >>> Tom >>> >> >
