I am busy setting up a protocol between a payment service provider and my website. They use the Immediate Payment Notification (IPN), where they link the URL on my site when processing the payment, sending me confirmation data. I would like to protect this URL and one or two others using SSL. Most actions do not require this, since during normal operations confidential data is not transmitted, only payments, login and downloads.
It should be possible to simply add the [RequireHttps] annotation to the action:
[RequireHttps] public ActionResult processOverSSL () { }
As long as IIS is configured for SSL with a certificate, it should just redirect to https.