Anonymous "RPC over HTTP" with SSL

---

• From: "Antti Nivala" <nivant@xxxxxxxxxxxxxxxx>
• Date: Thu, 26 Apr 2007 21:00:50 +0300

---

(Please direct me to the correct newsgroup if this is not the one.)

Is it possible to set up _anonymous_ "RPC over HTTP" with SSL?

I have already succeeded in setting up an _anonymous_ "RPC over HTTP"
connection between an RPC server and a client WITHOUT SSL (= traffic from
client to RPC Proxy is HTTP to port 80).

Also, I have successfully established an _authenticated_ "RPC over HTTP"
connection between an RPC server and a client WITH SSL (= traffic from
client to RPC Proxy is SSL to port 443).

However, in our case, using RPC authentication has no meaning, and having to
create a Windows account for the client on the server computer is something
we would not like to do. We would just like to have anonymous connections to
our RPC server from clients that are connected to us over the Internet. We
want to use "RPC over HTTP" to ensure that firewalls are not causing any
problems, and we want to encrypt the traffic with SSL because the
requirement is that only SSL traffic should be allowed to our server
computer that runs the RPC Proxy.

Is this possible? If yes, how? Currently, the client fails to connect if I
change RPC_C_AUTHN_LEVEL_CONNECT to RPC_C_AUTHN_LEVEL_NONE and
RPC_C_AUTHN_WINNT to RPC_C_AUTHN_NONE. The error is 1722 (The RPC server is
unavailable). I have set the AllowAnonymous registry value to 1, and on the
IIS level anonymous access seems to work.

The client is Windows XP SP2, and the server is Windows Server 2003 R2. IIS
is running in 6.0 mode, SSL certificates have been installed etc. I believe
the SSL part is OK now since an authenticated SSL connection works. I just
do not know how could change to anonymous mode while still keeping the
connection as SSL instead of HTTP.

Many thanks in advance!

Antti Nivala



.

---

• Prev by Date: Check if an exe signed with vbs
• Next by Date: Re: Verifying Digital Signatures - Different results on different
• Previous by thread: Check if an exe signed with vbs
• Next by thread: Re: Vista install security questions
• Index(es):
  • Date
  • Thread

---

Relevant Pages RPC Problem with WinXP SP2 ... I have a Client application which is installed on a Windows XP SP 2 box. ... On start-up the application connects to the application server. ... own RPC Server, to which the application server is intended to ... This RPC connection is used to inform the client app. ... (microsoft.public.win32.programmer.networks) Re: Challenge/response and nonces ... This server has to handle many simultaneous connections (with only ... small amounts of data on any particular connection) and TCP connections ... this is actually SSL operating ... the client responds with F, where K is the shared key and F ... (sci.crypt) RE: RPC kicking my rear ... OWA was working via an SSL connection also with issue. ... Configure RPC over HTTP/S on a Single Exchange Server: ... (microsoft.public.exchange.admin) RE: Problem with RPC over HTTP connecting from outside ... client with your public proxy server. ... Router has allowed 135 port. ... to help troubleshoot an unsuccessful RPC over HTTP connection. ... (microsoft.public.exchange.setup) Re: rpc over https problems ... If you are using a self-made SSL certificate. ... Install it on the client PC ... Configure SSL on OWA ... Configure Outlook 2003 to use RPC over HTTP/S ... (microsoft.public.exchange.admin)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.platformsdk.security  > 2007-04