Re: SSL on ASP.NET

From: Steve Turley (sturley@online.microsoft.com)
Date: 09/16/02


From: "Steve Turley" <sturley@online.microsoft.com>
Date: Mon, 16 Sep 2002 10:35:30 -0700


You do not set SSL with the <authentication mode=""/> tag. Leave it set to
Windows.
SSL is enabled in IIS and is independent of ASP.NET. You must first obtain
and install a server certificate (from VeriSign, Thawte, or any other
certificate authority that you trust.) Then use the MMC snapin for IIS to
enable SSL on your application's virtual directory:

Start>Run, type "inetmgr", click OK.
Navigate to your application, right-click and select Properties.
On the Directory Security tab you should see the Secure Communications area
active if you have installed the server certificate properly. Click Edit..
and then check the "Require secure channel (SSL)" checkbox.

Now users will have to use https:// to access the application.

--
This posting is provided "AS IS" with no warranties, and confers no rights.
Please do not reply directly to this email address; it is intended  for
newsgroup purposes only.
"Madison" <gaysorn.kijjabhorn@psc.state.wi.us> wrote in message
news:117d701c25a81$43419e10$3bef2ecf@TKMSFTNGXA10...
> Hi;
> When I try to create ASP.NET application with SSL, I got
> the following message:
>
> Server Error in '/' Application.
> ---------------------------------------------------------
>
> Configuration Error
> Description: An error occurred during the processing of a
> configuration file required to service this request.
> Please review the specific error details below and modify
> your configuration file appropriately.
>
> Parser Error Message: It is an error to use a section
> registered as allowDefinition='MachineToApplication'
> beyond application level. This error can be caused by a
> virtual directory not being configured as an application
> in IIS.
>
> Source Error:
>
>
> Line 28:           "Forms", "Passport" and "None"
> Line 29:     -->
> Line 30:     <authentication mode="Windows" />
> Line 31:
> Line 32:
>
>
> Source File: d:\inetpub\a_test\web.config    Line: 30
>
> ---------------------------------------------------------
> Version Information: Microsoft .NET Framework
> Version:1.0.3705.0; ASP.NET Version:1.0.3705.0
>
> I could create ASP application with SSL without any
> problems. Do ASP.NET application can run with SSL? If
> yes, what is the process to set this application?
> Thanks.


Relevant Pages

  • Re: SSL broken after Windows 2003 upgrade
    ... The svchost.exe you reference is "IIS". ... routes them to the appropriate w3wp.exe based on configuration from WAS ... WFetch can make both a normal SSL request as well as a Client-Certificate ...
    (microsoft.public.inetserver.iis)
  • Re: IIS 6.0 SITE USING SSL
    ... It's not possible to set up a site for SSL without a server certificate. ... and neither would IIS. ... your claim about IIS5 supporting https without a server certificate is ...
    (microsoft.public.inetserver.iis.security)
  • Re: Win2003 Upgrade Broke SSL?
    ... The reason I say that the upgrade did not break SSL is because IIS has no ... problems relating to port 443 being occupied suggests that you did something ...
    (microsoft.public.inetserver.iis)
  • Re: WCF webservice over SSL and without
    ... Based on your further description, you have setup the SSL correctly in IIS server, but encountered some problem visit the WCF service's metadata page, correct? ... \par> Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.webservices)
  • Re: Unable to load SSL filter in IIS5.0 (sspifilt.dll)
    ... Your SSL inside the Firewall observation does not sounds like it has ... SSL is very straight forward on IIS. ... My recommendation would be to remove sspifilt.dll as a site filter, ...
    (microsoft.public.inetserver.iis)