Abstract
Typically, Internet banking and e-commerce websites are considered to be highly secure, with web mechanisms that implement more foolproof solutions for user authentication, such as client-side digital certificates rather than the user name and password combination in order to ensure the safety of user sensitive data. SSL not only hides sensitive data, but also protects millions of users, especially during online transactions. Securing sensitive data such as user login information, bank account, and credit card details, is one most essential and challenging concerns among e-commerce and banking websites, because such information typically travels across the wire and can be compromised or sniffed easily by executing a couple of offensive attacks such as MITM or session hijacking while data is communicating in clear text format. Hence, this paper addresses the inherent issue of web server security and the process of SSL configuring and implementing in the form of digital certificates over an asp.net website.
