For the first few steps, I'll show more on hosting with Windows Azure, if any other hosting company, the steps will be roughly the same.
1) Hosting with Windows Azure: You have to purchase a cloud server. My case I use: http://azure.microsoft.com/en-us/. You can start with trial plan but it will not last long, at most few days only. Here're the few links you can start with:
- http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-provision-sql-server/
- http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-windows-tutorial/
It's highly recommended that you use new IE (I use IE9) for accessing Windows Azure, even for service payment. Most of the standard browsers do not work well with IE-only Windows Azure.
2) Hosting with Windows Azure: Your web binary files can be deployed through FTP, and this is the steps: http://www.intstrings.com/ramivemula/articles/enable-ftp-access-on-windows-azure-vm/
3) Hosting with Windows Azure: Remember to open the Azure HTTPS endpoints (usually is port 443) of the server:
4) Domain with GoDaddy: For hosting with Azure server, you'll get a sub-domain that looks like this: xxx.cloudapp.net. But for a HTTPS to be worked, you need your own private domain. No choice but have to buy one. My company bought one at: http://my.godaddy.com/. Mind you, there's no such thing called customer service in GoDaddy, everything is on your own. When you get the domain, go to: https://mya.godaddy.com/default.aspx?prog_id=GoDaddy&.
Click on the "Launch" near the domain and you will see the domain you purchased.
5) Domain with GoDaddy: For hooking up the domain and the Windows Azure server, some details is on here: http://blog.smarx.com/posts/custom-domain-names-in-windows-azure. The latest GoDaddy site might looks like this. Click on the "Manage" near the "Forwarding".
Add one entry of your domain here.
Click on the "DNS Zone". Change the Host,"@" to Windows Azure Virtual IP & CName,"www" to Azure DNS name. You can get this from Windows Azure Dashboard.
6) Domain & Hosting: After the TTL period, you can go to the website through the domain. You will get the standard IIS welcome page that looks like this:
7) Domain & Hosting: You have to go back to Azure IIS and add this domain to the website. Click "Add Web Site".
On the new website added, click "Bindings" and key-in the domain info.
8) SSL with GoDaddy: Now we come to final part, which is SSL. Purchase the SSL from GoDaddy. Create the certificate by following this link: http://azure.codegrains.com/2013/07/step-by-step-guide-for-implementing.html (until step 8). It takes only few minutes for SSL to be signed.
Install the SSL certificate by following this link: [To Install an SSL Certificate in Microsoft IIS 7] http://support.godaddy.com/help/article/4801/installing-an-ssl-certificate-in-microsoft-iis-7?locale=en&countrysite=my&pc_split_value=4
9) SSL: Do not forget the HTTPS binding in the new website.
And your site should be browsable through HTTPS by now.
10) SSL: After the SSL is setup, you can check your SSL security level on your server. Here're the few websites that you can check:
- https://sslcheck.casecurity.org/en_US (you might need to clear your cache after your first run)
- https://www.ssllabs.com/ssltest/analyze.html
- http://foundeo.com/products/iis-weak-ssl-ciphers/test.cfm
11) SSL: With default settings on Windows Server 2008 R2, most probably you'll be getting an "F".
it's because of SSL version 2 is not disabled on server. Here're the links that you can refer to.
- http://support.microsoft.com/kb/187498
- http://hosting.com/support/pci-security-scan/disable-sslv2-for-microsoft-iis7-under-windows-server-2008-64bit/
- http://blogs.msdn.com/b/httpcontext/archive/2012/02/17/how-to-disable-ssl-2-0-on-windows-server-2008-r2.aspx
12) SSL: After adding new entries on registry and restart the server, I got this, a "B".
13) Done! Phew, what a long way.