My asp.net application (developed using vs2003) runs fine on a windows
2000 server using iis 5.0. Our network manager wants to do away with
any http connections and only use https for services that are used by
external users. I have not got a clue how to go about this. My users
are authenticated directly by querying a sql table where the user names
and passwords are stored. What do I need to do to my application or IIS
so that internal users use http and external use https? Any help on
this will be appreciated.
4  2093 
Whbat you're talking about is using SSL (Secure Sockets Layer). This
encrypts data being sent back and forth between client and server. You need
to obtain and install a Secure Certificate on the web server first. See http://www.verisign.com/ssl/ssl-information-center/ for details. After that,
it's simply a matter of ensuring that all links in the web site are via
HTTPS instead of HTTP, by changing any absolute path references to use
"https://" instead of "http://" A relative path that comes from an
HTTPS-requested page will use the same protocol.
--
HTH,
Kevin Spencer
Microsoft MVP
Chicken Salad Surgery
What You Seek Is What You Get.
<bk*****@gmail. comwrote in message
news:11******** **************@ e3g2000cwe.goog legroups.com...
My asp.net application (developed using vs2003) runs fine on a windows
2000 server using iis 5.0. Our network manager wants to do away with
any http connections and only use https for services that are used by
external users. I have not got a clue how to go about this. My users
are authenticated directly by querying a sql table where the user names
and passwords are stored. What do I need to do to my application or IIS
so that internal users use http and external use https? Any help on
this will be appreciated.
Thanks for you help. I am now much more conversed with https than I was
before. Do i really need to go through the bother of acquiring a
digital certificate if all we need is to allow remote users from
another private lan to access our application via https? The firewalls
on both sides make sure that only machines with specific ip addresses
can get through. The main reason for using https is the security of
data while on transit from one private network to another. Can we use a
self certification cheme? Do we need certification for every Web server
in our network? The application is an asp.net with virtually all codes
behind on the server with no explicit reference to http:// ... within
the codes?
PS Please forgive may ignorance. The main focus of my work is on
application develpment rather than implementation.
Kevin Spencer wrote:
Whbat you're talking about is using SSL (Secure Sockets Layer). This
encrypts data being sent back and forth between client and server. You need
to obtain and install a Secure Certificate on the web server first. See
http://www.verisign.com/ssl/ssl-information-center/ for details. After that,
it's simply a matter of ensuring that all links in the web site are via
HTTPS instead of HTTP, by changing any absolute path references to use
"https://" instead of "http://" A relative path that comes from an
HTTPS-requested page will use the same protocol.
--
HTH,
Kevin Spencer
Microsoft MVP
Chicken Salad Surgery
What You Seek Is What You Get.
<bk*****@gmail. comwrote in message
news:11******** **************@ e3g2000cwe.goog legroups.com...
My asp.net application (developed using vs2003) runs fine on a windows
2000 server using iis 5.0. Our network manager wants to do away with
any http connections and only use https for services that are used by
external users. I have not got a clue how to go about this. My users
are authenticated directly by querying a sql table where the user names
and passwords are stored. What do I need to do to my application or IIS
so that internal users use http and external use https? Any help on
this will be appreciated.
Hi,
I'm not sure if it will helps you. But for my intranets, I generate an
SSL certificate with my own certificate authority created on a windows
2k3 server. It's really simple to implments if your goal is to crypt
data (you only need to install certificate authority component).
Otherwise, If your goal is to authenticate your server you have to
fallow KB on implementing a PKI infrastructure.
Hope it will help you.
Vincent http://varod.blogspot.com
bkas...@gmail.c om a écrit :
Thanks for you help. I am now much more conversed with https than I was
before. Do i really need to go through the bother of acquiring a
digital certificate if all we need is to allow remote users from
another private lan to access our application via https? The firewalls
on both sides make sure that only machines with specific ip addresses
can get through. The main reason for using https is the security of
data while on transit from one private network to another. Can we use a
self certification cheme? Do we need certification for every Web server
in our network? The application is an asp.net with virtually all codes
behind on the server with no explicit reference to http:// ... within
the codes?
PS Please forgive may ignorance. The main focus of my work is on
application develpment rather than implementation.
Kevin Spencer wrote:
Whbat you're talking about is using SSL (Secure Sockets Layer). This
encrypts data being sent back and forth between client and server. You need
to obtain and install a Secure Certificate on the web server first. See
http://www.verisign.com/ssl/ssl-information-center/ for details. After that,
it's simply a matter of ensuring that all links in the web site are via
HTTPS instead of HTTP, by changing any absolute path references to use
"https://" instead of "http://" A relative path that comes from an
HTTPS-requested page will use the same protocol.
--
HTH,
Kevin Spencer
Microsoft MVP
Chicken Salad Surgery
What You Seek Is What You Get.
<bk*****@gmail. comwrote in message
news:11******** **************@ e3g2000cwe.goog legroups.com...
My asp.net application (developed using vs2003) runs fine on a windows
2000 server using iis 5.0. Our network manager wants to do away with
any http connections and only use https for services that are used by
external users. I have not got a clue how to go about this. My users
are authenticated directly by querying a sql table where the user names
and passwords are stored. What do I need to do to my application or IIS
so that internal users use http and external use https? Any help on
this will be appreciated.
>
Thanks. This was helpful.
Vincent A. wrote:
Hi,
I'm not sure if it will helps you. But for my intranets, I generate an
SSL certificate with my own certificate authority created on a windows
2k3 server. It's really simple to implments if your goal is to crypt
data (you only need to install certificate authority component).
Otherwise, If your goal is to authenticate your server you have to
fallow KB on implementing a PKI infrastructure.
Hope it will help you.
Vincent
http://varod.blogspot.com
bkas...@gmail.c om a écrit :
Thanks for you help. I am now much more conversed with https than I was
before. Do i really need to go through the bother of acquiring a
digital certificate if all we need is to allow remote users from
another private lan to access our application via https? The firewalls
on both sides make sure that only machines with specific ip addresses
can get through. The main reason for using https is the security of
data while on transit from one private network to another. Can we use a
self certification cheme? Do we need certification for every Web server
in our network? The application is an asp.net with virtually all codes
behind on the server with no explicit reference to http:// ... within
the codes?
PS Please forgive may ignorance. The main focus of my work is on
application develpment rather than implementation.
Kevin Spencer wrote:
Whbat you're talking about is using SSL (Secure Sockets Layer). This
encrypts data being sent back and forth between client and server. You need
to obtain and install a Secure Certificate on the web server first. See
http://www.verisign.com/ssl/ssl-information-center/ for details. After that,
it's simply a matter of ensuring that all links in the web site are via
HTTPS instead of HTTP, by changing any absolute path references to use
"https://" instead of "http://" A relative path that comes from an
HTTPS-requested page will use the same protocol.
>
--
HTH,
>
Kevin Spencer
Microsoft MVP
Chicken Salad Surgery
>
What You Seek Is What You Get.
>
<bk*****@gmail. comwrote in message
news:11******** **************@ e3g2000cwe.goog legroups.com...
My asp.net application (developed using vs2003) runs fine on a windows
2000 server using iis 5.0. Our network manager wants to do away with
any http connections and only use https for services that are used by
external users. I have not got a clue how to go about this. My users
are authenticated directly by querying a sql table where the user names
and passwords are stored. What do I need to do to my application orIIS
so that internal users use http and external use https? Any help on
this will be appreciated.
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Grunff |
last post by:
I'm experiencing an interesting problem with carrying a php session over
from http to https. Much googling later, I'm still stuck.
The application is an online shop, where some user data is stored in the
session. As the user proceeds to checkout, we switch over to https. This
is all done on the same physical server, under the same domain (which
has an SSL cert).
The session ID is carried over fine - I can read the session ID from
http...
|
by: MisterKen |
last post by:
It appears that I'm losing values for session variables when I move from a
page like http://www.my_site.com/catalog.aspx to
https://www50.ssldomain.com/my_site/login.aspx and vice versa.
Are session variables suppose to lose values across different domain names?
The www50.ssldomain.com is hosted by the same webhost. It's just how they
handle their SSL certificate.
Help! Thanks for any help.
|
by: Chris Ashley |
last post by:
Is it possible to persist viewstate information between HTTP and HTTPS
(on the same page obviously)? Trying to get around writing some messy
state transfer code... it doesn't seem to work if I use
response.redirect.
|
by: Saverio Tedeschi |
last post by:
Hi all gurus,
I wrote an Win app with embedded FTP client (well, made some cut and paste
from others' projects :-)) to receive and send files from within the app
itself. Now the server I connect to from 1st Jan on will allow just
http/https connection, so I can no longer use FTP. I've thought to use
System.Net.WebClient class and SendFiles method, but when I try only obtain
a message, described later in datail. Can pls some1 point me to...
|
by: bjohns33 |
last post by:
Hi all
I've written a custom provider for membership services and put my login
control on an ascx. I want this ascx to be available anywhere on the website
so that users don't need to click twice to login. The rest of the site is
running over http, but I want the login process to run over https (obviously
don't want the password being sent clear text) when the user enters their
details and clicks login (on the homepage for example).
...
| | |
by: Aikido |
last post by:
Hi,
I'm having an issue calling my WebService from an application.
I published the WebService successfully on our DMZ box using https://, and
in a Windows Application I made a WebReference to the Service without an
issue, passing the correct user/password to the site. However when I execute
the code and try to call the Service, I get an error of access denied. I'm
guessing the login info is not being passed along when I first created...
|
by: OhWhite |
last post by:
When a Offline VB.NET 2003 application logins into a Https server, is
the generated traffic encrypted by default like when you do the same
using your Browser.
Or do you have to explicitly encrypt it yourself?
Thanks
Boulent
|
by: totalstranger |
last post by:
My Bluehost site is setup with a dedicated IP address, Rapid SSL
certificate, PHP 5 and FastCGI is set on.
When switching between HTTP and HTTPS I was under the impression the
Session Data was independent for each protocol and I've read about
various methods of storing session data in a database to bypass this
problem. However while testing what I thought was incomplete code (no
$_Session preservation code in place), I've discovered this...
|
by: shlim |
last post by:
Currently I'm using VB.Net to perform a http/https multipart form post to a servlet. I'm able to perform the post using HttpWebrequest via GetRequestStream(). However, the servlet returned me with "The remote server returned an error: (500) Internal Server Error". Obviously, this means that I have not posted all the parameters as the servlet requested. But I just can't seem to find out what went wrong with my code. Hope someone can enlighten me,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
| | |
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
