Re: ** READ THIS BEFORE POSTING - answers to frequently asked questions 2003.08.15

• Previous message: Joseph: "Re: ** READ THIS BEFORE POSTING - answers to frequently asked questions 2003.08.15"
• In reply to: Joseph: "Re: ** READ THIS BEFORE POSTING - answers to frequently asked questions 2003.08.15"
• Next in thread: Bernard: "Re: ** READ THIS BEFORE POSTING - answers to frequently asked questions 2003.08.15"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 16 Aug 2003 17:40:04 -0400

Thanks... I haven't read the thread regarding your problem, but
www.iisfaq.com/ssl is probably superior to my FAQ when it comes to IIS SSL
questions.

In response to your question posted here:
http://www.google.com/groups?threadm=076a01c3639d%24c34f1120%24a101280a%40phx.gbl

Do note that XP is not a real web server, as it limits you to 10 concurrent
connections which equals about 2 concurrent web users at once, since most
browsers tend to make around four connections at once to download files
faster. Windows 2000 or 2003 server is required to get around this
restriction.

Here's how to enable SSL in IIS 5.0, not sure if 5.1 is different. The main
setting is in the IIS MMC, right-click on the web site properties, select
Directory security. If you don't check the box to REQUIRE encryption, then
encryption will be optional and won't always happen.

http://www.iisfaq.com/ExternalLink.aspx?L=1642&P=20

XP comes with a different mini-IIS MMC that is confusing to me and does not
let you see all the features, but I think there is a way to add a real IIS
MMC that lets you see more features like possibly SSL, if it is possible to
do SSL on XP IIS.

Regarding your cert question, you have a choice of using the test cert from
Verisign [which is installed on both the server and every client], or
generating a real one with a CSR. If you generate the CSR, it's useless
until you submit it to a CA like Verisign [www.entrust.net or
www.freessl.org are both cheaper than Verisign], and pay, and get a cert
response back which is then installed using the same IIS MMC wizard that was
used to generate the CSR. Another way would be to install and use MS Cert
Services, which comes with Windows 2000 and I think 2003 server, to generate
your own cert, but no clients will trust it. This means that encryption
will still happen, but clients will either have to click options to either
trust or install the cert, or clients will get an error message and know to
click Yes to continue with encryption enabled.

I dont' know if this link helps? It mentions using OpenSSL to make your own
cert for testing purposes for XP. It seems to have instructions on how to
use the XP MMC which I'm not familiar with.

http://www.somacon.com/iis_ssl/

www.apache.org is a free web server with no restrictions on number of users,
but using it on XP, it would still not be lawful to let more than 10
concurrent network connections happen [and it might also not be possible
either due to hard coded restrictions in XP].

hope this helps..

"Joseph" <JFV@Lodestarpublications.net> wrote in message
news:00f101c3642c$2b14ade0$a501280a@phx.gbl...
> Karl, do believe they are written well it sometimes is
> info overload and too many redirections. I didnt mean to
> offend you-actually that is not my style. I have been
> trying to install,get, a certificate to turn on my SSL in
> 5.1 XPPRO for a week now and nothing I read helped. Maybe
> i read the wrong things>>sorry. I undrstand now how busy
> you are and thanks for the dedicated time.I post for XP
> forum a lot also so I know how you feel.i wish the FAQ's
> would be more detailed thats all.
> Still trying to get SSL to work,
> Joseph

• Previous message: Joseph: "Re: ** READ THIS BEFORE POSTING - answers to frequently asked questions 2003.08.15"
• In reply to: Joseph: "Re: ** READ THIS BEFORE POSTING - answers to frequently asked questions 2003.08.15"
• Next in thread: Bernard: "Re: ** READ THIS BEFORE POSTING - answers to frequently asked questions 2003.08.15"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]