RE: IIS "secure communications"and "certificate" sections disabled.

From: GoCMS (GoCMS_at_discussions.microsoft.com)
Date: 03/23/05

• Next message: Todd Bright: "Re: Storing Client Certificates"
• Previous message: Nicole Calinoiu: "Re: Difference between Full Trust and Everything"
• In reply to: GoCMS: "IIS "secure communications"and "certificate" sections disabled."
• Next in thread: Nicole Calinoiu: "Re: IIS "secure communications"and "certificate" sections disabled."
• Reply: Nicole Calinoiu: "Re: IIS "secure communications"and "certificate" sections disabled."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 23 Mar 2005 10:23:01 -0800

Thanks! I got it. ( thought the link for list of authorities to issue
certificate doesn't really work for the last step. )

Anyway, about the web service authentication, here're the 3 ways I can think
of:
1. Use IIS IP restriction. Only allows certain IP to access service.
2. Use Certificate. This involves a fee to get the certificate for server
and client.
3. Use WSE2.0, web service enhancement toolkit. This can only be used when
server and client are both using .net framework 1.1, both have to install the
toolkit.

Am I understanding it right? What're the pros and cons of the approaches?
And... are there any other ways?
I am now writing my service in .net, and my intended client is using java on
unix.

Thanks a lot!

"GoCMS" wrote:

> Hi, there:
> This might be a newbie question. I want my web service to require a
> certificate to access, so I go to IIS my virtual directory property and
> Directory Security page. I found the "secure communication" secion including
> "Server certificate" button are both greyed out. I wonder why that is. I'm an
> admin user of the computer. Did I miss some OS component or something?
>
>

---

• Next message: Todd Bright: "Re: Storing Client Certificates"
• Previous message: Nicole Calinoiu: "Re: Difference between Full Trust and Everything"
• In reply to: GoCMS: "IIS "secure communications"and "certificate" sections disabled."
• Next in thread: Nicole Calinoiu: "Re: IIS "secure communications"and "certificate" sections disabled."
• Reply: Nicole Calinoiu: "Re: IIS "secure communications"and "certificate" sections disabled."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Using Microsoft Certificate Server Programatically ... Client contacts server (web service) with encrypted registration ... The server issues the certificate (not sure how the web service ... (microsoft.public.platformsdk.security) Re: Quick Start certificate ... I have enabled diagnostics on the client and the web service. ... Did you give your web server identity permission to ... read the certificate on the server? ... (microsoft.public.dotnet.framework.webservices.enhancements) Re: WSE and X509 trouble ... -- A client can be any client of the web service - but you've got the right ... app, or even another web service. ... policy files and b) a client can also use a policy file. ... > now wizard tell me to choose the certificate to use for client ... (microsoft.public.dotnet.framework.webservices.enhancements) Re: WSE 2.0 Policy security settings with multiple X.509 certifica ... Certificate Store Location is set to LocalMachine (for the Web Service ... "Trusted Client Certificates" is made from "Local Machine - Other People" ... (microsoft.public.dotnet.framework.webservices.enhancements) Re: Using Microsoft Certificate Server Programatically ... Actually, I'm trying to do this for the client, not the server. ... Client contacts server (web service) with encrypted registration ... The server issues the certificate (not sure how the web service ... (microsoft.public.platformsdk.security)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.dotnet.security  > 2005-03