Booklet for developers and security professionals on how to implement SSL in order to protect data transmission between .NET client and server. The guide contains examples of the client application code and certificate validations in C#.

Topics include: what is SSL certificate and how to use it to secure .NET Web Services, how to create server and client test certificates, implementing SSL in server and client applications, extra validations of server certificate on client side, and more (Article: ~3,600 words).

Table of Contents includes:
Introduction
Vulnerabilities Due To Insecure Communication
Difference between SSL and TLS
Securing Data Transmission with SSL
Different Levels of Security Provided by SSL
SSL Implementation Modes
Server Certificate Only
Server and Client Certificates
SSL Certificates
Certificate Issuing Methods
Self-Signed Certificate
Certificate Issued Using Self-Signed Root Certificate
Certificate Issued through Local Certificate Authority
Certificate Issued through Public Certificate Authority
Test Certificates
Server Test Certificates
Creating Test Certificate Authority
Creating Server Test Certificate for Specific Server Host Name
Creating Server Test Certificate for localhost
Creating Standalone Self-Signed Test Server Certificate (without CA Root)
Obtaining Test Server Certificate from Public Certificate Authority
Going to Production
Client Test Certificate
Creating Client Test Certificate using Root CA Certificate
Implementing SSL on Server
Web Server Configuration
Server Application Configuration
Server Application Code Changes
Implementing SSL on Client
Client Application Configuration
Client Application Code Changes
Additional Server Certificate Validations Performed by Client
Testing
Conclusion
Resources
About the Author