SSL question on async data

From: J. v.d. Bovenkamp (joostb__@sps.nl)
Date: 06/07/02

Next message: J. v.d. Bovenkamp: "Re: SSL question"
Previous message: J. v.d. Bovenkamp: "SSL question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "J. v.d. Bovenkamp" <joostb__@sps.nl>
Date: Fri, 7 Jun 2002 14:40:37 +0200

first of all, this post probably won't belong in this NG, posted it in some
other NG's, but hey, you never know, right?

OK, here it goes, starting with the situation:

I have made a Web Service with .NET remoting classes, which is running under
IIS. It has some methods which are accessible by some client applications.
These methods will return immediatly so the client can do some other stuff.
The information is returned in the form of events, which can happen at any
time. I have developed this web service with the use of SSL in my head, so
SSL will encrypt this information (WMI information). now i am at the point
of testing the web service with SSL enabled. So i installed an SSL
certificate on the Web Server, created a test site, checked if the data was
really encrypted with a packet analyser, and indeed it was encrypted.

Now i enabled SSL on the virtual directory containing my web service, almost
everything works well. When calling a method on the web service, all data
gets encrypted (pulling data from the web server/service), when analysing
the packets, the data goes through port 443 and everything goes well.
But the events which are pushing data out from the Web Service to the client
isn't encrypted. the data isn't sent over port 443.
It seems that when a client initiates a request, this request is encrypted,
and within this request, the result (pulling data) is also encrypted. But
when the server initiates a data request (pushing data) to the cliënt, this
data isn't encrypted.

So my question is why this behaviour? is this normal? and is it possible to
disable this behaviour so all data in a single session is encrypted (pulled
or pushed)
what i know of SSL, that it should work on all data sent between client and
server within a single session.

Hope you guys can help me with this, or partially help me.

Next message: J. v.d. Bovenkamp: "Re: SSL question"
Previous message: J. v.d. Bovenkamp: "SSL question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: SSL question
... It has some methods which are accessible by some client applications. ... I have developed this web service with the use of SSL in my head, ... > SSL will encrypt this information. ...
(microsoft.public.inetserver.iis.security)
RE: SoapException - NullReferenceException
... As for webservice over SSL, there does exists some common issue such as the ... client certificate supplyment(if you've configured it to require client ... Microsoft MSDN Online Support Lead ... I have a web service running on an SSL connection and unfortunately I ...
(microsoft.public.dotnet.framework.aspnet.webservices)
SSL question
... I have made a Web Service with .NET remoting classes, ... These methods will return immediatly so the client can do some other stuff. ... SSL will encrypt this information. ...
(microsoft.public.inetserver.iis.security)
Re: SSL without certificates
... mccarthur@btinternet.com wrote that the client needs the server's ... because the client uses the public key from the cert to encrypt the data ... The secret key is created during the SSL handshake. ...
(alt.computer.security)
Re: An unexpected error occurred on a send
... Windows Client?), so the first issue may not be the problem, but firstly, ... the COM component must be called from a STA thread, while your Web Service ... App you are calling the Web Service from, to see if it cures the problem. ... > Protocol: SSL. ...
(microsoft.public.dotnet.framework.webservices)