Re: SSL question

From: J. v.d. Bovenkamp (joostb__@sps.nl)
Date: 06/07/02 

From: "J. v.d. Bovenkamp" <joostb__@sps.nl>
Date: Fri, 7 Jun 2002 14:41:25 +0200

sorry, post wasn't meant the be a reply.

"J. v.d. Bovenkamp" <joostb__@sps.nl> wrote in message
news:OoMO08hDCHA.1548@tkmsftngp02...
> first of all, this post probably won't belong in this NG, posted it in
some
> other NG's, but hey, you never know, right?
>
> OK, here it goes, starting with the situation:
>
> I have made a Web Service with .NET remoting classes, which is running
under
> IIS. It has some methods which are accessible by some client applications.
> These methods will return immediatly so the client can do some other
stuff.
> The information is returned in the form of events, which can happen at any
> time. I have developed this web service with the use of SSL in my head, so
> SSL will encrypt this information (WMI information). now i am at the point
> of testing the web service with SSL enabled. So i installed an SSL
> certificate on the Web Server, created a test site, checked if the data
was
> really encrypted with a packet analyser, and indeed it was encrypted.
>
> Now i enabled SSL on the virtual directory containing my web service,
almost
> everything works well. When calling a method on the web service, all data
> gets encrypted (pulling data from the web server/service), when analysing
> the packets, the data goes through port 443 and everything goes well.
> But the events which are pushing data out from the Web Service to the
client
> isn't encrypted. the data isn't sent over port 443.
> It seems that when a client initiates a request, this request is
encrypted,
> and within this request, the result (pulling data) is also encrypted. But
> when the server initiates a data request (pushing data) to the cliënt,
this
> data isn't encrypted.
>
> So my question is why this behaviour? is this normal? and is it possible
to
> disable this behaviour so all data in a single session is encrypted
(pulled
> or pushed)
> what i know of SSL, that it should work on all data sent between client
and
> server within a single session.
>
> Hope you guys can help me with this, or partially help me.
>
>

Relevant Pages

  • Re: SSL question
    ... It has some methods which are accessible by some client applications. ... I have developed this web service with the use of SSL in my head, ... > SSL will encrypt this information. ...
    (microsoft.public.inetserver.iis.security)
  • RE: SoapException - NullReferenceException
    ... As for webservice over SSL, there does exists some common issue such as the ... client certificate supplyment(if you've configured it to require client ... Microsoft MSDN Online Support Lead ... I have a web service running on an SSL connection and unfortunately I ...
    (microsoft.public.dotnet.framework.aspnet.webservices)
  • SSL question
    ... I have made a Web Service with .NET remoting classes, ... These methods will return immediatly so the client can do some other stuff. ... SSL will encrypt this information. ...
    (microsoft.public.inetserver.iis.security)
  • SSL question on async data
    ... I have made a Web Service with .NET remoting classes, ... These methods will return immediatly so the client can do some other stuff. ... SSL will encrypt this information. ...
    (microsoft.public.inetserver.iis.security)
  • Re: SSL without certificates
    ... mccarthur@btinternet.com wrote that the client needs the server's ... because the client uses the public key from the cert to encrypt the data ... The secret key is created during the SSL handshake. ...
    (alt.computer.security)