Ask a Question related to ASP.NET Security, Design and Development.
-
Jalyah TL via .NET 247 #1
ASP.NET and SSL
English:
Hi! I have a problem when I send a request from an asp page toanother with HttpWebRequest. The site requires a certicate toaccess, for this reason I added a certificate to the requestusing the class X509Certificate. The problem is that I get a 403forbidden error message. I guess that is a permission matter. Ialso tried to create a component service to do it, but I obtainthe same error message. You have the code here, thanks inadvance.
Spanish:
Hola! Tengo un problema al enviar una petici?n de una p?gina aspa otra con HttpWebRequest. El sitio requiere de certificadospara poder entrar, as? que a la petici?n le a?ado un certificadopara que me permita abrir la p?gina asp. El problema es que meda un error 403 de prohibido. Supongo que ser? por alg?n tema depermisos pero no se solucionarlo. Tambi?n he intentado crear unservicio de componente que lo haga, pero me da el mismo error.Aqu? os dejo el c?digo para ver si le podeis echar un vistazo.
The code:
Dim datos, respuesta As String
Dim webReq As HttpWebRequest
Dim webResp As HttpWebResponse
Dim sw As Stream
Dim sr As StreamReader
Dim encodedData As New ASCIIEncoding
webReq = HttpWebRequest.Create(url)
webReq.Method = "POST"
webReq.Timeout = 60000
webReq.ContentLength = byteArray.Length
webReq.ContentType = "application/x-www-form-urlencoded"
Dim cert = X509Certificate.CreateFromCertFile(pathcertificado )
webReq.ClientCertificates.Add(cert)
webReq.AllowWriteStreamBuffering = False
sw = webReq.GetRequestStream()
sw.Write(byteArray, 0, byteArray.Length)
sw.Close()
'Obtenemos la respuesta del servidor
webResp = webReq.GetResponse()
sr = New StreamReader(webResp.GetResponseStream())
respuesta = sr.ReadToEnd()
sr.Close()
Gracias. Thanks
From: Jalyah TL
-----------------------
Posted by a user from .NET 247 ([url]http://www.dotnet247.com/[/url])
<Id>ecZR6QfZqE6zKK1zynJjRQ==</Id>
Jalyah TL via .NET 247 Guest
-
SubstandardSnowman #2 Asp.Net and SSL
I'm making an ASP.Net website using forms authentication. I want to force all
users to use SSL when using this application. I know that I can specify in
IIS to force the app to have SSL but I can't do my testing when I do this. Is
this the best way to accomplish this or is there a better way?
SubstandardSnowman Guest
-
Ken Schaefer #3 Re: Asp.Net and SSL
Why can't you do your testing with this setting on?
Cheers
Ken
"SubstandardSnowman" <SubstandardSnowman@discussions.microsoft.com> wrote in
message news:594574C1-8106-4FF7-AF9F-1F2769E524F8@microsoft.com...> I'm making an ASP.Net website using forms authentication. I want to force
> all
> users to use SSL when using this application. I know that I can specify in
> IIS to force the app to have SSL but I can't do my testing when I do this.
> Is
> this the best way to accomplish this or is there a better way?
Ken Schaefer Guest
-
SubstandardSnowman #4 Re: Asp.Net and SSL
If I turn this setting on then I can't open the project with VS.NET. I was
hoping to just be able to have it on all the time or some other method to
always force SSL but if this is not possible then I would just like to know.
"Ken Schaefer" wrote:
> Why can't you do your testing with this setting on?
>
> Cheers
> Ken
>
> "SubstandardSnowman" <SubstandardSnowman@discussions.microsoft.com> wrote in
> message news:594574C1-8106-4FF7-AF9F-1F2769E524F8@microsoft.com...>> > I'm making an ASP.Net website using forms authentication. I want to force
> > all
> > users to use SSL when using this application. I know that I can specify in
> > IIS to force the app to have SSL but I can't do my testing when I do this.
> > Is
> > this the best way to accomplish this or is there a better way?
>
>SubstandardSnowman Guest
-
Nicole Calinoiu #5 Re: Asp.Net and SSL
You can open web projects in VStudio even if their corresponding virtual
directories force use of SSL. You simply need to adjust the URLs used by
VStudio to refer to your project. For instructions, see
[url]http://groups.google.com/groups?threadm=unzN3btLEHA.3664%40TK2MSFTNGP10.phx .gbl&rnum=4[/url].
You can also test an application under SSL even if IIS doesn't force SSL
use. As long as there's an appopriate certificate installed and an SSL port
mapped, you can use an https address to reach your pages even if you're not
forcing SSL.
HTH,
Nicole
"SubstandardSnowman" <SubstandardSnowman@discussions.microsoft.com> wrote in
message news:777B43C9-49C9-4B1D-9626-231BE6AD0633@microsoft.com...> If I turn this setting on then I can't open the project with VS.NET. I was
> hoping to just be able to have it on all the time or some other method to
> always force SSL but if this is not possible then I would just like to
> know.
>
> "Ken Schaefer" wrote:
>>> Why can't you do your testing with this setting on?
>>
>> Cheers
>> Ken
>>
>> "SubstandardSnowman" <SubstandardSnowman@discussions.microsoft.com> wrote
>> in
>> message news:594574C1-8106-4FF7-AF9F-1F2769E524F8@microsoft.com...>>>> > I'm making an ASP.Net website using forms authentication. I want to
>> > force
>> > all
>> > users to use SSL when using this application. I know that I can specify
>> > in
>> > IIS to force the app to have SSL but I can't do my testing when I do
>> > this.
>> > Is
>> > this the best way to accomplish this or is there a better way?
>>
>>
Nicole Calinoiu Guest
Reply With Quote
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
