Re: IIS SSL Encryption handshake information
From: David Wang [Msft] (someone_at_online.microsoft.com)
Date: 11/23/05
- Next message: Wouter Demuynck: "Re: Integrated Windows Authentication fails"
- Previous message: John McClain: "IIS SSL Encryption handshake information"
- In reply to: John McClain: "IIS SSL Encryption handshake information"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 22 Nov 2005 15:58:11 -0800
If you make the following request from the browser:
POST https://www.yourserver.com/redirected/default.jsp?sensitiveinfo=data
Then both the FORM entity body as well as sensitiveinfo=data will be
encrypted on the initial request. The server will need to complete the SSL
handshake to even retrieve any of that data from the request. This is how
SSL works.
-- //David IIS http://blogs.msdn.com/David.Wang This posting is provided "AS IS" with no warranties, and confers no rights. // "John McClain" <jm42163jm@yahoo.com> wrote in message news:OJReb067FHA.3224@TK2MSFTNGP09.phx.gbl... We have a servlet that is served by Tomcat. IIS is employed to redirect ot Tomcat via AJP. IIS is also SSL enabled as our data is sensistive. I am setting IIS to use SSL encryption on the default website. I have a redirector that forwards request to Tomcat I wish to call a jsp in Tomcat and pass SSL encrypted data. BUT, to start the SSL handshake off, I am making a jsp request with the data I wish to be SSL encrypted. My question is If I call a jsp from a browser and pass it some parameters that need to be sent encrypted, do the parameters get SSL encrypted BEFORE they are sent, or are they sent clear text, then the SSL Handshake, then all other data sent is encrypted?
- Next message: Wouter Demuynck: "Re: Integrated Windows Authentication fails"
- Previous message: John McClain: "IIS SSL Encryption handshake information"
- In reply to: John McClain: "IIS SSL Encryption handshake information"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
