Re: Problem with client certificates after upgrade

From: Michel Gallant (neutron_at_NOSPAMistar.ca)
Date: 01/15/04


Date: Thu, 15 Jan 2004 14:18:23 -0500

There is some issue with the actual format of Certificate returned
via ASP. Not sure if this is the problem .. maybe format has changed
in W2K3?
   http://groups.google.com/groups?th=61c3f67247cb076c

 - Mitch Gallant
    MVP Security

"Sascha" <sascha@nospam> wrote in message news:Ok05Rc32DHA.1764@TK2MSFTNGP10.phx.gbl...
> Hi,
>
> I've upgraded my web server (W2K, IIS5) to W2K3, IIS6.0 with the web
> application (ASP, not ASP:NET) that uses client certificates.
> Now the site doesn't work :-(
>
> Basically, when the user provides the client certificate, the asp page takes
> the public key and checks in the database for that public key. If it finds
> the key, it then maps the user to the firm's id.
>
> The code that takes the client cert looks like this:
> <%
> function iif(bool, valTrue, valFalse)
> if bool then
> iif=valTrue
> else
> iif=valFalse
> end if
> end function
>
> function leadZero(num)
> leadZero = iif(len(cstr(num))<2,"0" & cstr(num), cstr(num))
> end function
>
> pk = Request.ClientCertificate("PublicKey")
>
> for i=1 to len(pk)
> pk2 = pk2 & leadZero(hex(asc(mid(pk,i,1))))
> next
> %>
>
> On the W2k, you would have the public key in pk2 variable which is correct
> when cheched in the database.
> On the W2k3, you get something completely different in the pk2 variable, and
> of course that value doesn't get passed the database check.
>
> In short, the Request.ClientCertificate("PublicKey") provides two different
> values for w2k and w2k3.
>
> What's up with that?
> Can someone help? Microsoft?
> I've searched everything for this....
>
> --
> Sascha
>
>
> --
> Sasa Bart
> Senior Consultant
> M SAN Grupa d.o.o.
>
>



Relevant Pages

  • Re: Best way to deal with user forms
    ... Thanks for the response. ... Your point is taken about sending email only in text format. ... > If your site is hosted on a Windows IIS server and you can use ASP and Access, ... > accomplished using the FP database components with no additional cost involved. ...
    (microsoft.public.frontpage.client)
  • Writing times to Access using ASP
    ... I've done plenty of ASP pages before and have had run-ins with dates before, ... I've got a table called tbl_times with has one field, in short time format, ... meeting for any time that exists in tbl_times, but not other times, as you'd ... and the record gets written to the database. ...
    (microsoft.public.inetserver.asp.db)
  • Re: SQL Update
    ... I tried that format earlier, but was getting a "Data Type Mismatch" ... All fields in the database are "text" EXCEPT for the autonum. ... > Hi Steve, ... >> Hi Using the ASP text below I get the following error message. ...
    (microsoft.public.frontpage.client)
  • Re: ASP communications with a separate application?
    ... In what format is the data from the VB6 prog stored? ... Some of the information is stored in a database. ... realize that ASP could get at that directly. ... The VB6 program is interacting with some industrial ...
    (microsoft.public.inetserver.asp.general)
  • Date format
    ... I have a report (Certificate) and need the date on the certificate to be displayed on the report as follows: ... I just need this format on the report and nowhere else in the database. ...
    (microsoft.public.access.reports)