SSL problem with ASP.NET and Macintosh browser

I have encountered something very similar to this.

We have internal access with no SSL, and external access with SSL. The only
problem we had is when users with Mac and IE or Netscape tried to access the
site externally hence going through SSL. The same Mac with the same
IE/Netscape would succeed internally, no SSL, but fail externally with SSL.
We do not get the error you are getting but get something like "resource not
available" from IE, netscape hangs forever. Here is the kicker, it only
happens with form posts, not gets. I created a plain html page with a form
post, and sure enough I encounter this problems. Change it to a form get and
it succeeds. So in our scenario its the IE/Netscape on Mac in combination
with our SSL accelarator in combination with form posts. Our network guys
have a question in with Cisco to see if they had seen this before.

So I don't have any answers but I am seeing somthing similar.


"Bob Skutnick" <bo**********@amcolor.com> wrote in message
news:00****************************@phx.gbl...

Greetings,
I'm hoping someone has experienced a problem I'm having:

I have an existing ASP application (working fine) that
uses an SSL server certificate. My user community is made
up of both PC's and Macintosh computers.

I've re-written this application in ASP.NET for a number
of reasons and now find that my Mac users are having
problems with the application. SSL works just fine for PC
users, won't work for Mac users (browser is Internet
Explorer). When a Mac user tries to login to my
application using SSL (https://) the browser produces an
error saying "Security failure, a secure connection could
not be established". Mac users can use the site/app
without SSL (http://)

This is the same server and site and server certificate
that was used with the ASP app. Is there a problem
using "server.transfer()" when SSL is part of the
equation? Any special web.config issues?

I'm truly stumped on this one... Thanks so much for any
assistance.

Bob Skutnick

Most interesting. I'm using form post (not get). Normally
with MS IE on a Mac there is no error - just hangs, in IE
5.2.2 under OS X you see the "security failure". Have not
tried Netscape yet.

Bob

-----Original Message-----
I have encountered something very similar to this.

We have internal access with no SSL, and external access with SSL. The onlyproblem we had is when users with Mac and IE or Netscape tried to access thesite externally hence going through SSL. The same Mac with the sameIE/Netscape would succeed internally, no SSL, but fail externally with SSL.We do not get the error you are getting but get something like "resource notavailable" from IE, netscape hangs forever. Here is the kicker, it onlyhappens with form posts, not gets. I created a plain html page with a formpost, and sure enough I encounter this problems. Change it to a form get andit succeeds. So in our scenario its the IE/Netscape on Mac in combinationwith our SSL accelarator in combination with form posts. Our network guyshave a question in with Cisco to see if they had seen this before.
So I don't have any answers but I am seeing somthing similar.

"Bob Skutnick" <bo**********@amcolor.com> wrote in messagenews:00****************************@phx.gbl...

Greetings,
I'm hoping someone has experienced a problem I'm having:
I have an existing ASP application (working fine) that
uses an SSL server certificate. My user community is made up of both PC's and Macintosh computers.

I've re-written this application in ASP.NET for a number of reasons and now find that my Mac users are having
problems with the application. SSL works just fine for PC users, won't work for Mac users (browser is Internet
Explorer). When a Mac user tries to login to my
application using SSL (https://) the browser produces an error saying "Security failure, a secure connection could not be established". Mac users can use the site/app
without SSL (http://)

This is the same server and site and server certificate
that was used with the ASP app. Is there a problem
using "server.transfer()" when SSL is part of the
equation? Any special web.config issues?

I'm truly stumped on this one... Thanks so much for any
assistance.

Bob Skutnick

.

Forgot one thing.. Opera and Safari on the Macs both succeed. So its only IE
and Netscape.

"Bob Skutnick" <bo**********@amcolor.com> wrote in message
news:00****************************@phx.gbl...

Most interesting. I'm using form post (not get). Normally
with MS IE on a Mac there is no error - just hangs, in IE
5.2.2 under OS X you see the "security failure". Have not
tried Netscape yet.

Bob

-----Original Message-----
I have encountered something very similar to this.

We have internal access with no SSL, and external access

with SSL. The only

problem we had is when users with Mac and IE or Netscape

tried to access the

site externally hence going through SSL. The same Mac

with the same

IE/Netscape would succeed internally, no SSL, but fail

externally with SSL.

We do not get the error you are getting but get

something like "resource not

available" from IE, netscape hangs forever. Here is the

kicker, it only

happens with form posts, not gets. I created a plain

html page with a form

post, and sure enough I encounter this problems. Change

it to a form get and

it succeeds. So in our scenario its the IE/Netscape on

Mac in combination

with our SSL accelarator in combination with form posts.

Our network guys

have a question in with Cisco to see if they had seen

this before.

So I don't have any answers but I am seeing somthing

similar.

"Bob Skutnick" <bo**********@amcolor.com> wrote in

message

news:00****************************@phx.gbl...

Greetings,
I'm hoping someone has experienced a problem I'm having:
I have an existing ASP application (working fine) that
uses an SSL server certificate. My user community is made up of both PC's and Macintosh computers.

I've re-written this application in ASP.NET for a number of reasons and now find that my Mac users are having
problems with the application. SSL works just fine for PC users, won't work for Mac users (browser is Internet
Explorer). When a Mac user tries to login to my
application using SSL (https://) the browser produces an error saying "Security failure, a secure connection could not be established". Mac users can use the site/app
without SSL (http://)

This is the same server and site and server certificate
that was used with the ASP app. Is there a problem
using "server.transfer()" when SSL is part of the
equation? Any special web.config issues?

I'm truly stumped on this one... Thanks so much for any
assistance.

Bob Skutnick

.

Maybe there is a certificate-trust issue that can be
tweaked on the Mac side.

Maybe the HTTP header is not being sufficently unwrapped
on the Mac side, or it can't be unwrapped fast enough on
the Mac side and the error defaults to "Security
failure...". Or vice-versa on the web server side.

Is the web server exactly the same (NT/Win2K/Win2K3)
between your application versions? Is the certificate
exactly the same? Just to rule out low-level issues, you
might want to install the ASP site on one IP number and
ASP.NET on another IP number and switch between them to
make sure that it is ASP.NET that is actually causing the
issue.

Assuming that it is in fact ASP.NET, are you using
cookies or sessions? Those state mechanisms have to put
information into the HTTP header. Using cookieless
sessions (my favorite) or strict ViewState might solve
your problem, as they transfer state info wholly in the
GET and HTTP body.

Are you using ASP.NET Forms Authentication or a custom
implementation? Perhaps either (especially the default
cookie-using method of Forms Auth) is not translating
something over SSL.

Hope that helps.

-----Original Message-----
Greetings,
I'm hoping someone has experienced a problem I'm having:

I have an existing ASP application (working fine) that
uses an SSL server certificate. My user community is madeup of both PC's and Macintosh computers.

I've re-written this application in ASP.NET for a number
of reasons and now find that my Mac users are having
problems with the application. SSL works just fine for PCusers, won't work for Mac users (browser is Internet
Explorer). When a Mac user tries to login to my
application using SSL (https://) the browser produces an
error saying "Security failure, a secure connection couldnot be established". Mac users can use the site/app
without SSL (http://)

This is the same server and site and server certificate
that was used with the ASP app. Is there a problem
using "server.transfer()" when SSL is part of the
equation? Any special web.config issues?

I'm truly stumped on this one... Thanks so much for any
assistance.

Bob Skutnick
.

Thanks for your ideas.

Exact same server (win2k), exact same certificate. Exact
same SQL server custom authentication.
Your mention of cookieless session state was a good
thought as I am using cookies. I changed it to
cookieless="true" and was hopeful but the app still fails
on a Mac browser.
Someone mentioned get vs. post and that seems to be
something. All of my forms use method="post". All of my
page to page navigation use server.transfer. Any thoughts
on this?

I might be getting somewhere.
Bob

-----Original Message-----

Maybe there is a certificate-trust issue that can be
tweaked on the Mac side.

Maybe the HTTP header is not being sufficently unwrapped
on the Mac side, or it can't be unwrapped fast enough on
the Mac side and the error defaults to "Security
failure...". Or vice-versa on the web server side.

Is the web server exactly the same (NT/Win2K/Win2K3)
between your application versions? Is the certificate
exactly the same? Just to rule out low-level issues, youmight want to install the ASP site on one IP number and
ASP.NET on another IP number and switch between them to
make sure that it is ASP.NET that is actually causing theissue.

Assuming that it is in fact ASP.NET, are you using
cookies or sessions? Those state mechanisms have to put
information into the HTTP header. Using cookieless
sessions (my favorite) or strict ViewState might solve
your problem, as they transfer state info wholly in the
GET and HTTP body.

Are you using ASP.NET Forms Authentication or a custom
implementation? Perhaps either (especially the default
cookie-using method of Forms Auth) is not translating
something over SSL.

Hope that helps.

-----Original Message-----
Greetings,
I'm hoping someone has experienced a problem I'm having:

I have an existing ASP application (working fine) that
uses an SSL server certificate. My user community is

made

up of both PC's and Macintosh computers.

I've re-written this application in ASP.NET for a numberof reasons and now find that my Mac users are having
problems with the application. SSL works just fine for

PC

users, won't work for Mac users (browser is Internet
Explorer). When a Mac user tries to login to my
application using SSL (https://) the browser produces anerror saying "Security failure, a secure connection

could

not be established". Mac users can use the site/app
without SSL (http://)

This is the same server and site and server certificate
that was used with the ASP app. Is there a problem
using "server.transfer()" when SSL is part of the
equation? Any special web.config issues?

I'm truly stumped on this one... Thanks so much for any
assistance.

Bob Skutnick
.

.

Did you try creating the simple html page with a form post and do the
expirement i tried? Did you try Opera or Safari? In my situation, which is
very close to your problem, these two tests took away asp.net having any
involvement in my problem, and put all of the focus on the SSL acelerator
along with IE/Netscape on MAC being the real culprits, which the network
admins confirmed.
"Bob Skutnick" <bo**********@amcolor.com> wrote in message
news:01****************************@phx.gbl...

Thanks for your ideas.

Exact same server (win2k), exact same certificate. Exact
same SQL server custom authentication.
Your mention of cookieless session state was a good
thought as I am using cookies. I changed it to
cookieless="true" and was hopeful but the app still fails
on a Mac browser.
Someone mentioned get vs. post and that seems to be
something. All of my forms use method="post". All of my
page to page navigation use server.transfer. Any thoughts
on this?

I might be getting somewhere.
Bob

-----Original Message-----

Maybe there is a certificate-trust issue that can be
tweaked on the Mac side.

Maybe the HTTP header is not being sufficently unwrapped
on the Mac side, or it can't be unwrapped fast enough on
the Mac side and the error defaults to "Security
failure...". Or vice-versa on the web server side.

Is the web server exactly the same (NT/Win2K/Win2K3)
between your application versions? Is the certificate
exactly the same? Just to rule out low-level issues,

you

might want to install the ASP site on one IP number and
ASP.NET on another IP number and switch between them to
make sure that it is ASP.NET that is actually causing

the

issue.

Assuming that it is in fact ASP.NET, are you using
cookies or sessions? Those state mechanisms have to put
information into the HTTP header. Using cookieless
sessions (my favorite) or strict ViewState might solve
your problem, as they transfer state info wholly in the
GET and HTTP body.

Are you using ASP.NET Forms Authentication or a custom
implementation? Perhaps either (especially the default
cookie-using method of Forms Auth) is not translating
something over SSL.

Hope that helps.

-----Original Message-----
Greetings,
I'm hoping someone has experienced a problem I'm having:

I have an existing ASP application (working fine) that
uses an SSL server certificate. My user community is

made

up of both PC's and Macintosh computers.

I've re-written this application in ASP.NET for a numberof reasons and now find that my Mac users are having
problems with the application. SSL works just fine for

PC

users, won't work for Mac users (browser is Internet
Explorer). When a Mac user tries to login to my
application using SSL (https://) the browser produces anerror saying "Security failure, a secure connection

could

not be established". Mac users can use the site/app
without SSL (http://)

This is the same server and site and server certificate
that was used with the ASP app. Is there a problem
using "server.transfer()" when SSL is part of the
equation? Any special web.config issues?

I'm truly stumped on this one... Thanks so much for any
assistance.

Bob Skutnick
.

.

I tried Safari and it works fine with SSL, which makes me
think the problem is not asp.net. If that is true and the
problem is the SSL acelerator (I don't know what that is)
how could I fix it? Or is it possible?
Thanks,
Bob

-----Original Message-----
Did you try creating the simple html page with a form post and do theexpirement i tried? Did you try Opera or Safari? In my situation, which isvery close to your problem, these two tests took away asp.net having anyinvolvement in my problem, and put all of the focus on the SSL aceleratoralong with IE/Netscape on MAC being the real culprits, which the networkadmins confirmed.
"Bob Skutnick" <bo**********@amcolor.com> wrote in messagenews:01****************************@phx.gbl...

Thanks for your ideas.

Exact same server (win2k), exact same certificate. Exact same SQL server custom authentication.
Your mention of cookieless session state was a good
thought as I am using cookies. I changed it to
cookieless="true" and was hopeful but the app still fails on a Mac browser.
Someone mentioned get vs. post and that seems to be
something. All of my forms use method="post". All of my
page to page navigation use server.transfer. Any thoughts on this?

I might be getting somewhere.
Bob

>-----Original Message-----
>
>Maybe there is a certificate-trust issue that can be
>tweaked on the Mac side.
>
>Maybe the HTTP header is not being sufficently unwrapped >on the Mac side, or it can't be unwrapped fast enough on >the Mac side and the error defaults to "Security
>failure...". Or vice-versa on the web server side.
>
>Is the web server exactly the same (NT/Win2K/Win2K3)
>between your application versions? Is the certificate
>exactly the same? Just to rule out low-level issues,

you

>might want to install the ASP site on one IP number and >ASP.NET on another IP number and switch between them to >make sure that it is ASP.NET that is actually causing

the

>issue.
>
>Assuming that it is in fact ASP.NET, are you using
>cookies or sessions? Those state mechanisms have to put >information into the HTTP header. Using cookieless
>sessions (my favorite) or strict ViewState might solve
>your problem, as they transfer state info wholly in the >GET and HTTP body.
>
>Are you using ASP.NET Forms Authentication or a custom
>implementation? Perhaps either (especially the default >cookie-using method of Forms Auth) is not translating
>something over SSL.
>
>Hope that helps.
>
>
>
>
>>-----Original Message-----
>>Greetings,
>>I'm hoping someone has experienced a problem I'm having: >>
>>I have an existing ASP application (working fine) that >>uses an SSL server certificate. My user community is
>made
>>up of both PC's and Macintosh computers.
>>
>>I've re-written this application in ASP.NET for a

number

>>of reasons and now find that my Mac users are having
>>problems with the application. SSL works just fine for >PC
>>users, won't work for Mac users (browser is Internet
>>Explorer). When a Mac user tries to login to my
>>application using SSL (https://) the browser produces

an

>>error saying "Security failure, a secure connection
>could
>>not be established". Mac users can use the site/app
>>without SSL (http://)
>>
>>This is the same server and site and server certificate >>that was used with the ASP app. Is there a problem
>>using "server.transfer()" when SSL is part of the
>>equation? Any special web.config issues?
>>
>>I'm truly stumped on this one... Thanks so much for any >>assistance.
>>
>>Bob Skutnick
>>
>>
>>.
>>
>.
>

.

I tried looking and looking and I have not found a resolution. Like I said
we have a admin waiting to hear from Cisco on this. It may be a firmware
bug, it may be an IE/Netscape Mac version bug???

The combination I had narrowed it done to is:

IE/Netscape + Macintosh + Form Post + SSL

Replace any one of the above and it works.

Opera/Safari + Macintosh + Form Post + SSL ->WORKS

IE/Netscape + Windows + Form Post + SSL -> WORKS

IE/Netscape + Macintosh + Form Get/Any HTTP Get + SSL -> WORKS

IE/Netscape + Macintosh + Form Post + NO SSL -> WORKS

IE/Netscape + Macintosh + Form Post + SSL -> BUG/ HANGS

"Bob Skutnick" <bo**********@amcolor.com> wrote in message
news:04****************************@phx.gbl...

I tried Safari and it works fine with SSL, which makes me
think the problem is not asp.net. If that is true and the
problem is the SSL acelerator (I don't know what that is)
how could I fix it? Or is it possible?
Thanks,
Bob

-----Original Message-----
Did you try creating the simple html page with a form

post and do the

expirement i tried? Did you try Opera or Safari? In my

situation, which is

very close to your problem, these two tests took away

asp.net having any

involvement in my problem, and put all of the focus on

the SSL acelerator

along with IE/Netscape on MAC being the real culprits,

which the network

admins confirmed.
"Bob Skutnick" <bo**********@amcolor.com> wrote in

message

news:01****************************@phx.gbl...

Thanks for your ideas.

Exact same server (win2k), exact same certificate. Exact same SQL server custom authentication.
Your mention of cookieless session state was a good
thought as I am using cookies. I changed it to
cookieless="true" and was hopeful but the app still fails on a Mac browser.
Someone mentioned get vs. post and that seems to be
something. All of my forms use method="post". All of my
page to page navigation use server.transfer. Any thoughts on this?

I might be getting somewhere.
Bob

>-----Original Message-----
>
>Maybe there is a certificate-trust issue that can be
>tweaked on the Mac side.
>
>Maybe the HTTP header is not being sufficently unwrapped >on the Mac side, or it can't be unwrapped fast enough on >the Mac side and the error defaults to "Security
>failure...". Or vice-versa on the web server side.
>
>Is the web server exactly the same (NT/Win2K/Win2K3)
>between your application versions? Is the certificate
>exactly the same? Just to rule out low-level issues,
you
>might want to install the ASP site on one IP number and >ASP.NET on another IP number and switch between them to >make sure that it is ASP.NET that is actually causing
the
>issue.
>
>Assuming that it is in fact ASP.NET, are you using
>cookies or sessions? Those state mechanisms have to put >information into the HTTP header. Using cookieless
>sessions (my favorite) or strict ViewState might solve
>your problem, as they transfer state info wholly in the >GET and HTTP body.
>
>Are you using ASP.NET Forms Authentication or a custom
>implementation? Perhaps either (especially the default >cookie-using method of Forms Auth) is not translating
>something over SSL.
>
>Hope that helps.
>
>
>
>
>>-----Original Message-----
>>Greetings,
>>I'm hoping someone has experienced a problem I'm having: >>
>>I have an existing ASP application (working fine) that >>uses an SSL server certificate. My user community is
>made
>>up of both PC's and Macintosh computers.
>>
>>I've re-written this application in ASP.NET for a
number
>>of reasons and now find that my Mac users are having
>>problems with the application. SSL works just fine for >PC
>>users, won't work for Mac users (browser is Internet
>>Explorer). When a Mac user tries to login to my
>>application using SSL (https://) the browser produces
an
>>error saying "Security failure, a secure connection
>could
>>not be established". Mac users can use the site/app
>>without SSL (http://)
>>
>>This is the same server and site and server certificate >>that was used with the ASP app. Is there a problem
>>using "server.transfer()" when SSL is part of the
>>equation? Any special web.config issues?
>>
>>I'm truly stumped on this one... Thanks so much for any >>assistance.
>>
>>Bob Skutnick
>>
>>
>>.
>>
>.
>

.