I have an application running on IIS 8.5 on my Windows Server 2012 and I have configured it to use this certificate I just bought. So now I can access the website using https protocol.
I have node.js clients running on some computers outside my network and posting some data to the server from time to time. I want to secure that connection now that I have a SSL certificate. I've been googling around for a couple of hours and I was not able to have the picture of what I need to do.
My goal would be to do the HTTP POST from client and only the clients using the certificate would be allowed to upload data to my https://example.com/upload url.
Firstly, I need to configure IIS so that requires a certificate when doing the handshake but I have no option for that in the authentication panel inside my webapp. I only have these options:
What am I doing wrong?
Click on SSL Settings
Then tick Require SSL
Related
So,
I currently have a net core web api running in a windows VPS (amongst other things). When I make requests to this api, I would like to do so using https. It seems I need to have an SSL Cert on this VPS (which does not have a domain, just an IP).
The https API is on xxx.xxx.xxx.xxx:443
The net core application is published into a self-contained package and run as an .exe (i think using IIS express)
Ideally I would like to use a free SSL cert from something like zerossl.com or any viable alternative you may suggest
How can I go about making it so that if I access xxx.xxx.xxx.xxx:443/api/values, I get a secured icon in my browser?
Thanks
It seems I need to have an SSL Cert on this VPS (which does not have a domain, just an IP)
It is impossible to bind SSL Certificate to IP address.It must bind to domain.
I have a WCF client application hitting a WCF web service running under IIS 7.5 on Windows 2008 Server R2. I have a "client" certificate on the client machine, and a "server" certificate on the server machine. I have successfully configured IIS and the client app to use straight "1-way" SSL. However, I am not able to get "2-way" SSL (SSL w/Client Certificate REQUIRED) to work.
I have taken the client certificate, exported as Base-64, formatted the resulting text string, and added that in as an entry under IIS Client Certificate Mapping on the IIS server. I've tied this to a Windows user, and given that user access to the folder where the web service runs from. I have done all of this configuration at the site level under IIS Manager.
The problem shows up when I DISABLE anonymous authentication. If I do this, then IIS gives me a return code of 500 and an accompanying error telling me I must enable anonymous authentication. This is not what I want. If I RE-ENABLE anonymous authentication, then any client using a valid client certificate is able to make the web service call. I want to limit the ability to call the service only to those clients that present a client certificate that I have mapped to the Windows user.
Has anyone else come across this?
Thanks!
Brian
I have researched a lot before posting this question. I have a website that runs on HTTP. We are currently using ASP.NET webforms.
My boss wants to update the payment gateway to use Stripe. Stripe wants the payments page to be running on HTTPS rather than HTTP. So I want to make my website HTTPS.
There are a lot of articles out there to make your website https with your own self signed certificate. However, I couldn't find relevant Microsoft docs for doing the same thing in a live production environment.
My question is how would I do that in a production environment where you do not have ISS control?. I understand that I will have to buy an SSL certificate from a verification authority. Currently I am using FTP to replace the bin files and the modified files to make changes to the website.
I was wondering if there are any C#,ASP.NET veterans out there who can guide me in the right direction.
To run a web site with a certificate, which is a requirement to use HTTPS, you must be able to use IIS administrator to install the certificate on the web server and bind it to the web site on port 443. You could maybe possibly get it done without IIS admin by using PowerShell, but the user account running PowerShell would need the same permissions as if you did it with IIS admin.
Bottom line-- if you do not have any access to IIS admin at all, it is not possible to complete this task by yourself.
If your web site is hosted, you will need to approach the hosting service provider for instructions on how to request and install an SSL certificate for your web site.
I have an intranet application that runs over https and it needs to access a websocket sever that needs to runs over wss because chrome mixed content security. Both applications use self-signed certificates but is not possible to access the websocket server because chrome doesn't trust in self-signed certificate unless user authorize. So, cause of that the connection fails. Is there a way to have a valid certificate to use in intranet application? Or is there another way to solve this problem?
You can generate a certificate for websocket.intranet.example.com with a public DNS that doesn't point to the real websocket server, and then copy that certificate in the real server.
Of course, your internal DNS resolver must point websocket.intranet.example.com to the real websocket server
I have a WP7 app that communicates with the back-end via a WCF service.
A customer has asked if the app can be made more secure by communicating via an ISA server using Open SSL.
The ISA server would be public facing with the IIS Server hosting the WCF service behind a firewall. I will have to load the public cert onto the phone and have read that this can be achieved by emailing the cert then running the attachment.
I'm not clued up on ISA, Open SSL or certificates and am hoping someone can tell me if this is possible or not.
Any ideas?
Edit
I'm hoping for a little about how to configure the WCF proxy on the phone.
You need the the Root CA of the cert on the phone. You can do this a couple of ways. The simplest would be to email it to the phone as an attachement (p7b format). On the phone simply open the attachement and the phone will prompt you to install the cert (p7b). This will install the cert into the cerificate store. A good way to test if it is working right is to hit an HTTPS web URL in IE from the phone, if you dont get any security prompts about an untrusted cert it is working correctly.
You will need to have your SSL terminate at the ISA/UAG box. This would have the server cert set up on it and use it to secure the SSL channel for the web app.
More information on configuring publishing with UAG (next gen of ISA) is here: http://technet.microsoft.com/en-us/library/ee406221.aspx