Greetings,
I'm hoping someone has experienced a problem I'm having:
I have an existing ASP application (working fine) that
uses an SSL server certificate. My user community is made
up of both PC's and Macintosh computers.
I've re-written this application in ASP.NET for a number
of reasons and now find that my Mac users are having
problems with the application. SSL works just fine for PC
users, won't work for Mac users (browser is Internet
Explorer). When a Mac user tries to login to my
application using SSL ( https://) the browser produces an
error saying "Security failure, a secure connection could
not be established". Mac users can use the site/app
without SSL ( http://)
This is the same server and site and server certificate
that was used with the ASP app. Is there a problem
using "server.transfer()" when SSL is part of the
equation? Any special web.config issues?
I'm truly stumped on this one... Thanks so much for any
assistance.
Bob Skutnick 8 1731
I have encountered something very similar to this.
We have internal access with no SSL, and external access with SSL. The only
problem we had is when users with Mac and IE or Netscape tried to access the
site externally hence going through SSL. The same Mac with the same
IE/Netscape would succeed internally, no SSL, but fail externally with SSL.
We do not get the error you are getting but get something like "resource not
available" from IE, netscape hangs forever. Here is the kicker, it only
happens with form posts, not gets. I created a plain html page with a form
post, and sure enough I encounter this problems. Change it to a form get and
it succeeds. So in our scenario its the IE/Netscape on Mac in combination
with our SSL accelarator in combination with form posts. Our network guys
have a question in with Cisco to see if they had seen this before.
So I don't have any answers but I am seeing somthing similar.
"Bob Skutnick" <bo**********@amcolor.com> wrote in message
news:00****************************@phx.gbl... Greetings, I'm hoping someone has experienced a problem I'm having:
I have an existing ASP application (working fine) that uses an SSL server certificate. My user community is made up of both PC's and Macintosh computers.
I've re-written this application in ASP.NET for a number of reasons and now find that my Mac users are having problems with the application. SSL works just fine for PC users, won't work for Mac users (browser is Internet Explorer). When a Mac user tries to login to my application using SSL (https://) the browser produces an error saying "Security failure, a secure connection could not be established". Mac users can use the site/app without SSL (http://)
This is the same server and site and server certificate that was used with the ASP app. Is there a problem using "server.transfer()" when SSL is part of the equation? Any special web.config issues?
I'm truly stumped on this one... Thanks so much for any assistance.
Bob Skutnick
Most interesting. I'm using form post (not get). Normally
with MS IE on a Mac there is no error - just hangs, in IE
5.2.2 under OS X you see the "security failure". Have not
tried Netscape yet.
Bob -----Original Message----- I have encountered something very similar to this.
We have internal access with no SSL, and external access
with SSL. The onlyproblem we had is when users with Mac and IE or Netscape
tried to access thesite externally hence going through SSL. The same Mac
with the sameIE/Netscape would succeed internally, no SSL, but fail
externally with SSL.We do not get the error you are getting but get
something like "resource notavailable" from IE, netscape hangs forever. Here is the
kicker, it onlyhappens with form posts, not gets. I created a plain
html page with a formpost, and sure enough I encounter this problems. Change
it to a form get andit succeeds. So in our scenario its the IE/Netscape on
Mac in combinationwith our SSL accelarator in combination with form posts.
Our network guyshave a question in with Cisco to see if they had seen
this before. So I don't have any answers but I am seeing somthing
similar. "Bob Skutnick" <bo**********@amcolor.com> wrote in
messagenews:00****************************@phx.gbl... Greetings, I'm hoping someone has experienced a problem I'm
having: I have an existing ASP application (working fine) that uses an SSL server certificate. My user community is
made up of both PC's and Macintosh computers.
I've re-written this application in ASP.NET for a
number of reasons and now find that my Mac users are having problems with the application. SSL works just fine for
PC users, won't work for Mac users (browser is Internet Explorer). When a Mac user tries to login to my application using SSL (https://) the browser produces
an error saying "Security failure, a secure connection
could not be established". Mac users can use the site/app without SSL (http://)
This is the same server and site and server certificate that was used with the ASP app. Is there a problem using "server.transfer()" when SSL is part of the equation? Any special web.config issues?
I'm truly stumped on this one... Thanks so much for any assistance.
Bob Skutnick
.
Forgot one thing.. Opera and Safari on the Macs both succeed. So its only IE
and Netscape.
"Bob Skutnick" <bo**********@amcolor.com> wrote in message
news:00****************************@phx.gbl... Most interesting. I'm using form post (not get). Normally with MS IE on a Mac there is no error - just hangs, in IE 5.2.2 under OS X you see the "security failure". Have not tried Netscape yet.
Bob
-----Original Message----- I have encountered something very similar to this.
We have internal access with no SSL, and external access with SSL. The onlyproblem we had is when users with Mac and IE or Netscape tried to access thesite externally hence going through SSL. The same Mac with the sameIE/Netscape would succeed internally, no SSL, but fail externally with SSL.We do not get the error you are getting but get something like "resource notavailable" from IE, netscape hangs forever. Here is the kicker, it onlyhappens with form posts, not gets. I created a plain html page with a formpost, and sure enough I encounter this problems. Change it to a form get andit succeeds. So in our scenario its the IE/Netscape on Mac in combinationwith our SSL accelarator in combination with form posts. Our network guyshave a question in with Cisco to see if they had seen this before. So I don't have any answers but I am seeing somthing
similar. "Bob Skutnick" <bo**********@amcolor.com> wrote in
messagenews:00****************************@phx.gbl... Greetings, I'm hoping someone has experienced a problem I'm having: I have an existing ASP application (working fine) that uses an SSL server certificate. My user community is made up of both PC's and Macintosh computers.
I've re-written this application in ASP.NET for a number of reasons and now find that my Mac users are having problems with the application. SSL works just fine for PC users, won't work for Mac users (browser is Internet Explorer). When a Mac user tries to login to my application using SSL (https://) the browser produces an error saying "Security failure, a secure connection could not be established". Mac users can use the site/app without SSL (http://)
This is the same server and site and server certificate that was used with the ASP app. Is there a problem using "server.transfer()" when SSL is part of the equation? Any special web.config issues?
I'm truly stumped on this one... Thanks so much for any assistance.
Bob Skutnick
.
Maybe there is a certificate-trust issue that can be
tweaked on the Mac side.
Maybe the HTTP header is not being sufficently unwrapped
on the Mac side, or it can't be unwrapped fast enough on
the Mac side and the error defaults to "Security
failure...". Or vice-versa on the web server side.
Is the web server exactly the same (NT/Win2K/Win2K3)
between your application versions? Is the certificate
exactly the same? Just to rule out low-level issues, you
might want to install the ASP site on one IP number and
ASP.NET on another IP number and switch between them to
make sure that it is ASP.NET that is actually causing the
issue.
Assuming that it is in fact ASP.NET, are you using
cookies or sessions? Those state mechanisms have to put
information into the HTTP header. Using cookieless
sessions (my favorite) or strict ViewState might solve
your problem, as they transfer state info wholly in the
GET and HTTP body.
Are you using ASP.NET Forms Authentication or a custom
implementation? Perhaps either (especially the default
cookie-using method of Forms Auth) is not translating
something over SSL.
Hope that helps. -----Original Message----- Greetings, I'm hoping someone has experienced a problem I'm having:
I have an existing ASP application (working fine) that uses an SSL server certificate. My user community is
madeup of both PC's and Macintosh computers.
I've re-written this application in ASP.NET for a number of reasons and now find that my Mac users are having problems with the application. SSL works just fine for
PCusers, won't work for Mac users (browser is Internet Explorer). When a Mac user tries to login to my application using SSL (https://) the browser produces an error saying "Security failure, a secure connection
couldnot be established". Mac users can use the site/app without SSL (http://)
This is the same server and site and server certificate that was used with the ASP app. Is there a problem using "server.transfer()" when SSL is part of the equation? Any special web.config issues?
I'm truly stumped on this one... Thanks so much for any assistance.
Bob Skutnick
.
Thanks for your ideas.
Exact same server (win2k), exact same certificate. Exact
same SQL server custom authentication.
Your mention of cookieless session state was a good
thought as I am using cookies. I changed it to
cookieless="true" and was hopeful but the app still fails
on a Mac browser.
Someone mentioned get vs. post and that seems to be
something. All of my forms use method="post". All of my
page to page navigation use server.transfer. Any thoughts
on this?
I might be getting somewhere.
Bob -----Original Message-----
Maybe there is a certificate-trust issue that can be tweaked on the Mac side.
Maybe the HTTP header is not being sufficently unwrapped on the Mac side, or it can't be unwrapped fast enough on the Mac side and the error defaults to "Security failure...". Or vice-versa on the web server side.
Is the web server exactly the same (NT/Win2K/Win2K3) between your application versions? Is the certificate exactly the same? Just to rule out low-level issues,
youmight want to install the ASP site on one IP number and ASP.NET on another IP number and switch between them to make sure that it is ASP.NET that is actually causing
theissue.
Assuming that it is in fact ASP.NET, are you using cookies or sessions? Those state mechanisms have to put information into the HTTP header. Using cookieless sessions (my favorite) or strict ViewState might solve your problem, as they transfer state info wholly in the GET and HTTP body.
Are you using ASP.NET Forms Authentication or a custom implementation? Perhaps either (especially the default cookie-using method of Forms Auth) is not translating something over SSL.
Hope that helps.
-----Original Message----- Greetings, I'm hoping someone has experienced a problem I'm having:
I have an existing ASP application (working fine) that uses an SSL server certificate. My user community is madeup of both PC's and Macintosh computers.
I've re-written this application in ASP.NET for a
numberof reasons and now find that my Mac users are having problems with the application. SSL works just fine for PCusers, won't work for Mac users (browser is Internet Explorer). When a Mac user tries to login to my application using SSL (https://) the browser produces
anerror saying "Security failure, a secure connection couldnot be established". Mac users can use the site/app without SSL (http://)
This is the same server and site and server certificate that was used with the ASP app. Is there a problem using "server.transfer()" when SSL is part of the equation? Any special web.config issues?
I'm truly stumped on this one... Thanks so much for any assistance.
Bob Skutnick
. .
Did you try creating the simple html page with a form post and do the
expirement i tried? Did you try Opera or Safari? In my situation, which is
very close to your problem, these two tests took away asp.net having any
involvement in my problem, and put all of the focus on the SSL acelerator
along with IE/Netscape on MAC being the real culprits, which the network
admins confirmed.
"Bob Skutnick" <bo**********@amcolor.com> wrote in message
news:01****************************@phx.gbl... Thanks for your ideas.
Exact same server (win2k), exact same certificate. Exact same SQL server custom authentication. Your mention of cookieless session state was a good thought as I am using cookies. I changed it to cookieless="true" and was hopeful but the app still fails on a Mac browser. Someone mentioned get vs. post and that seems to be something. All of my forms use method="post". All of my page to page navigation use server.transfer. Any thoughts on this?
I might be getting somewhere. Bob
-----Original Message-----
Maybe there is a certificate-trust issue that can be tweaked on the Mac side.
Maybe the HTTP header is not being sufficently unwrapped on the Mac side, or it can't be unwrapped fast enough on the Mac side and the error defaults to "Security failure...". Or vice-versa on the web server side.
Is the web server exactly the same (NT/Win2K/Win2K3) between your application versions? Is the certificate exactly the same? Just to rule out low-level issues, youmight want to install the ASP site on one IP number and ASP.NET on another IP number and switch between them to make sure that it is ASP.NET that is actually causing theissue.
Assuming that it is in fact ASP.NET, are you using cookies or sessions? Those state mechanisms have to put information into the HTTP header. Using cookieless sessions (my favorite) or strict ViewState might solve your problem, as they transfer state info wholly in the GET and HTTP body.
Are you using ASP.NET Forms Authentication or a custom implementation? Perhaps either (especially the default cookie-using method of Forms Auth) is not translating something over SSL.
Hope that helps.
-----Original Message----- Greetings, I'm hoping someone has experienced a problem I'm having:
I have an existing ASP application (working fine) that uses an SSL server certificate. My user community is madeup of both PC's and Macintosh computers.
I've re-written this application in ASP.NET for a numberof reasons and now find that my Mac users are having problems with the application. SSL works just fine for PCusers, won't work for Mac users (browser is Internet Explorer). When a Mac user tries to login to my application using SSL (https://) the browser produces anerror saying "Security failure, a secure connection couldnot be established". Mac users can use the site/app without SSL (http://)
This is the same server and site and server certificate that was used with the ASP app. Is there a problem using "server.transfer()" when SSL is part of the equation? Any special web.config issues?
I'm truly stumped on this one... Thanks so much for any assistance.
Bob Skutnick
. .
I tried Safari and it works fine with SSL, which makes me
think the problem is not asp.net. If that is true and the
problem is the SSL acelerator (I don't know what that is)
how could I fix it? Or is it possible?
Thanks,
Bob -----Original Message----- Did you try creating the simple html page with a form
post and do theexpirement i tried? Did you try Opera or Safari? In my
situation, which isvery close to your problem, these two tests took away
asp.net having anyinvolvement in my problem, and put all of the focus on
the SSL aceleratoralong with IE/Netscape on MAC being the real culprits,
which the networkadmins confirmed.
"Bob Skutnick" <bo**********@amcolor.com> wrote in
messagenews:01****************************@phx.gbl... Thanks for your ideas.
Exact same server (win2k), exact same certificate.
Exact same SQL server custom authentication. Your mention of cookieless session state was a good thought as I am using cookies. I changed it to cookieless="true" and was hopeful but the app still
fails on a Mac browser. Someone mentioned get vs. post and that seems to be something. All of my forms use method="post". All of my page to page navigation use server.transfer. Any
thoughts on this?
I might be getting somewhere. Bob
>-----Original Message----- > >Maybe there is a certificate-trust issue that can be >tweaked on the Mac side. > >Maybe the HTTP header is not being sufficently
unwrapped >on the Mac side, or it can't be unwrapped fast enough
on >the Mac side and the error defaults to "Security >failure...". Or vice-versa on the web server side. > >Is the web server exactly the same (NT/Win2K/Win2K3) >between your application versions? Is the certificate >exactly the same? Just to rule out low-level issues, you >might want to install the ASP site on one IP number
and >ASP.NET on another IP number and switch between them
to >make sure that it is ASP.NET that is actually causing the >issue. > >Assuming that it is in fact ASP.NET, are you using >cookies or sessions? Those state mechanisms have to
put >information into the HTTP header. Using cookieless >sessions (my favorite) or strict ViewState might solve >your problem, as they transfer state info wholly in
the >GET and HTTP body. > >Are you using ASP.NET Forms Authentication or a custom >implementation? Perhaps either (especially the
default >cookie-using method of Forms Auth) is not translating >something over SSL. > >Hope that helps. > > > > >>-----Original Message----- >>Greetings, >>I'm hoping someone has experienced a problem I'm
having: >> >>I have an existing ASP application (working fine)
that >>uses an SSL server certificate. My user community is >made >>up of both PC's and Macintosh computers. >> >>I've re-written this application in ASP.NET for a number >>of reasons and now find that my Mac users are having >>problems with the application. SSL works just fine
for >PC >>users, won't work for Mac users (browser is Internet >>Explorer). When a Mac user tries to login to my >>application using SSL (https://) the browser produces an >>error saying "Security failure, a secure connection >could >>not be established". Mac users can use the site/app >>without SSL (http://) >> >>This is the same server and site and server
certificate >>that was used with the ASP app. Is there a problem >>using "server.transfer()" when SSL is part of the >>equation? Any special web.config issues? >> >>I'm truly stumped on this one... Thanks so much for
any >>assistance. >> >>Bob Skutnick >> >> >>. >> >. >
.
I tried looking and looking and I have not found a resolution. Like I said
we have a admin waiting to hear from Cisco on this. It may be a firmware
bug, it may be an IE/Netscape Mac version bug???
The combination I had narrowed it done to is:
IE/Netscape + Macintosh + Form Post + SSL
Replace any one of the above and it works.
Opera/Safari + Macintosh + Form Post + SSL ->WORKS
IE/Netscape + Windows + Form Post + SSL -> WORKS
IE/Netscape + Macintosh + Form Get/Any HTTP Get + SSL -> WORKS
IE/Netscape + Macintosh + Form Post + NO SSL -> WORKS
IE/Netscape + Macintosh + Form Post + SSL -> BUG/ HANGS
"Bob Skutnick" <bo**********@amcolor.com> wrote in message
news:04****************************@phx.gbl... I tried Safari and it works fine with SSL, which makes me think the problem is not asp.net. If that is true and the problem is the SSL acelerator (I don't know what that is) how could I fix it? Or is it possible? Thanks, Bob-----Original Message----- Did you try creating the simple html page with a form post and do theexpirement i tried? Did you try Opera or Safari? In my situation, which isvery close to your problem, these two tests took away asp.net having anyinvolvement in my problem, and put all of the focus on the SSL aceleratoralong with IE/Netscape on MAC being the real culprits, which the networkadmins confirmed.
"Bob Skutnick" <bo**********@amcolor.com> wrote in messagenews:01****************************@phx.gbl... Thanks for your ideas.
Exact same server (win2k), exact same certificate. Exact same SQL server custom authentication. Your mention of cookieless session state was a good thought as I am using cookies. I changed it to cookieless="true" and was hopeful but the app still fails on a Mac browser. Someone mentioned get vs. post and that seems to be something. All of my forms use method="post". All of my page to page navigation use server.transfer. Any thoughts on this?
I might be getting somewhere. Bob
>-----Original Message----- > >Maybe there is a certificate-trust issue that can be >tweaked on the Mac side. > >Maybe the HTTP header is not being sufficently unwrapped >on the Mac side, or it can't be unwrapped fast enough on >the Mac side and the error defaults to "Security >failure...". Or vice-versa on the web server side. > >Is the web server exactly the same (NT/Win2K/Win2K3) >between your application versions? Is the certificate >exactly the same? Just to rule out low-level issues, you >might want to install the ASP site on one IP number and >ASP.NET on another IP number and switch between them to >make sure that it is ASP.NET that is actually causing the >issue. > >Assuming that it is in fact ASP.NET, are you using >cookies or sessions? Those state mechanisms have to put >information into the HTTP header. Using cookieless >sessions (my favorite) or strict ViewState might solve >your problem, as they transfer state info wholly in the >GET and HTTP body. > >Are you using ASP.NET Forms Authentication or a custom >implementation? Perhaps either (especially the default >cookie-using method of Forms Auth) is not translating >something over SSL. > >Hope that helps. > > > > >>-----Original Message----- >>Greetings, >>I'm hoping someone has experienced a problem I'm having: >> >>I have an existing ASP application (working fine) that >>uses an SSL server certificate. My user community is >made >>up of both PC's and Macintosh computers. >> >>I've re-written this application in ASP.NET for a number >>of reasons and now find that my Mac users are having >>problems with the application. SSL works just fine for >PC >>users, won't work for Mac users (browser is Internet >>Explorer). When a Mac user tries to login to my >>application using SSL (https://) the browser produces an >>error saying "Security failure, a secure connection >could >>not be established". Mac users can use the site/app >>without SSL (http://) >> >>This is the same server and site and server certificate >>that was used with the ASP app. Is there a problem >>using "server.transfer()" when SSL is part of the >>equation? Any special web.config issues? >> >>I'm truly stumped on this one... Thanks so much for any >>assistance. >> >>Bob Skutnick >> >> >>. >> >. >
. This discussion thread is closed Replies have been disabled for this discussion. Similar topics
8 posts
views
Thread by Charles \Stretch\ Ledford |
last post: by
|
2 posts
views
Thread by Key Bohn |
last post: by
|
38 posts
views
Thread by lawrence |
last post: by
|
2 posts
views
Thread by laredotornado |
last post: by
|
18 posts
views
Thread by gabriel |
last post: by
|
2 posts
views
Thread by Max Metral |
last post: by
|
2 posts
views
Thread by Eric Lindsay |
last post: by
|
9 posts
views
Thread by Eric Lindsay |
last post: by
|
9 posts
views
Thread by dreamamit2001 |
last post: by
| | | | | | | | | | |