Do I need to purchase an SSL Certificate?

Question

First time I'm setting up a external web application for a family member. I have a Domain Name purchased through GoDaddy setup to point at my Azure website. I've added the requires SSL filter so that the pages are secure throughout the application.

public class FilterConfig
{
public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
    filters.Add(new HandleErrorAttribute());

    filters.Add(new RequireHttpsAttribute());
}
}

In debug mode through my Azure address, the pages show up as secured. (HTTPS) However, when I access them through my domain name, I receive the "Your connection is not private" page where it routes me to an 'http:' address of my site if I accept.

I looked at some of the documentation of GoDaddy and apparently they have a service I can buy to implement SSL. Is this something that is required? Or am I missing a configuration setting?

so is that a no to the negative nancy who down voted me? – JReam Dec 30 '15 at 01:43 — JReam, Dec 30 '15 at 01:43

score 1 · Answer 1 · answered Dec 30 '15 at 18:40

In general, no you do not need to purchase certificates, particularly if you control the clients.

Down votes are for a number of reasons, but mostly that you can improve the question. Which web browser. What are the details of the cert in use (CN, subject alternative name) obfuscated if you must. How does an Azure URL differ from the domain you want to use.

Possibly the default certificate looks nothing like your domain, but we cannot tell that without more detail.

score 1 · Answer 2 · answered Dec 31 '15 at 05:26

I'm afraid I don't know anything about Azure hosting. In general, however, in order to use SSL, you must have an SSL certificate installed. This certificate should be from a certificate authority (Comodo, Thawte, etc) in order for your browser to verify that has been genuinely issued; the certificate authority "signs" the certificate to ensure this trust.

You can also use a "self-signed" certificate that you generate yourself. Such a certificate will cause browsers to display the "Untrusted certificate" page, though most browsers (Firefox, Chrome) will allow you to accept this untrusted certificate either permanently or for the session.

score 0 · Answer 3 · answered Jan 03 '16 at 20:22

0

No you don't need it, but recently azure "force" developer to use SSL in their website, well there is a workaround but whether you need it or not that's depend on you

answered Jan 03 '16 at 20:22

Ansel

231
1
3

Do I need to purchase an SSL Certificate?

3 Answers3