Re: SSL Issue - Urgent

From: smith (smith_at_discussions.microsoft.com)
Date: 07/14/05

  • Next message: Lutz Lammers: "Authentication Issues with IIS 5.0 and XP PRO" 
    Date: Thu, 14 Jul 2005 07:45:13 -0700

    I did see something similar here :
    http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg1PQ86347

    That is what led me to believe there might be a solution, and i wanted to
    know if it could be done on the iis level?

    "David Wang [Msft]" wrote:

    > The device which translates HTTPS->HTTP should also translate responses from
    > HTTP->HTTPS, including URLs. It is the only thing that knows the translation
    > happened for a given request, therefore it is responsible for transmitting
    > this information downstream.
    >
    > As you've stated, there is no way that IIS/JRun knows that the original
    > request is HTTPS at all -- the device that translates HTTPS->HTTP needs to
    > give a hint -- perhaps add an extra HTTP request header that client
    > applications can use to detect this.
    >
    > --
    > //David
    > IIS
    > http://blogs.msdn.com/David.Wang
    > This posting is provided "AS IS" with no warranties, and confers no rights.
    > //
    > "smith" <smith@discussions.microsoft.com> wrote in message
    > news:3C6E0382-5FED-4527-A87F-AE87A5FDAEC3@microsoft.com...
    > We have an f5 ssl offloader that is used in front of IIS 6.0. A https
    > request comes to the SSL offloader and is forwarded over http to a webserver
    > with the JRun plugin.The problem occurs if the original request is
    > redirected
    > by a
    > IIS/JRun application. The redirected request becomes an http
    > request because IIS/JRun is not aware that the original https
    > request was intercepted by a SSL offloader and forwared to
    > IIS over http.
    > We dont want to install certificates on IIS, is there a way that WebEngine
    > can check whether ssl is required so that when it is ssl over http, https
    > scheme will be chosen.
    >
    >
    >
    > Thanks in advance.
    >
    >
    >

  • Next message: Lutz Lammers: "Authentication Issues with IIS 5.0 and XP PRO"

    Relevant Pages

    • Re: SSL Issue - Urgent
      ... Generically extensible -- the translation device gives some hint of the ... so the device would need to set a proprietary HTTP Request header indicating ... This has been done on Apache and IIS as well. ...
      (microsoft.public.inetserver.iis.security)
    • SSL Issue - Urgent
      ... We have an f5 ssl offloader that is used in front of IIS 6.0. ... with the JRun plugin.The problem occurs if the original request is redirected ... The redirected request becomes an http ...
      (microsoft.public.inetserver.iis.security)
    • Re: Cant Open XLS or PPT files
      ... That logfile entry indicates HTTP status: 200 OK - IIS has received the ... are receiving a "cannot open xxx" type message. ... :>HTTP request that is logged if possible. ...
      (microsoft.public.inetserver.misc)
    • Re: IIS 6 .net ERROR 404 with telnet & down-level clients
      ... Can you go into your IIS logfiles and check the HTTP substatus code please? ... : telnet www.myserver.com 80 ... :> simulates a basic GET request for the default page of www.myserver.com. ...
      (microsoft.public.inetserver.iis)
    • HTTP 1.0 support
      ... by default, IIS 6 on Windows Server 2003 returns a 400 error, Bad Request ... when you use a non HTTP 1.1 spec compatible, Unix-like syntax in a HTTP GET ...
      (microsoft.public.inetserver.iis)