I have very much experience of asp.net developement. But i have never dealt with https. In my one project i require 2/3 page with https. So please any one can explain me how i can start with https. Please explain me in detail about about developement cycle, and any other if there is any settings.
What I want to do is like the web browser. When you visit a https web site, the browser will download and install the X.509 Certification automatically.
I have a application which will be installed in PC, and the application will post to a https website. So if the certification is expired, the App should download a new one.
So, how can I get the certification? A stream is always good, I can make it to certification.
I have a web site that is running under HTTPS on my web server, On my master page I have an image and no one can see the image accept for me if I access the web app from one of my two pc's.
What would cause the users not to be able to see the image on my default page? I have the site running under https and using the asp.net membership controls.
In my page I have the image like this <img src="../App_Themes/Images/CompLogo.gif"/> and no one can see it but me.
I have setup an ASP web application that uses SSL to secure the login pages, but when I try to access the site using HTTPS on both local test sever and deployment server I get an error stating the connection was interupted
first i want to know most of the e-mail like gmail,yahoo,hotmail etc.. they are all uing https when we comes to login area.. why there are using on that time only https...i also need to implement same in my web application...
I have a part of my website that uses SSL, and a part that does not. I began having issues recently where the link that takes you to the https part of the site would keep getting rerouted to http. In IIS I have SSL on and required for the members directory, and the certs are all fine. My site is http://mcsd-sc.mcbarons.manheimcentral.org/. I first started by routing the pages directly to the secure part using the <meta http-equiv="refresh" content="0;url=urlgoeshere" /> on a redirect page in the /members directory and this was working perfectly. When my issues started, changed it and made the link just go directly to the members part of the site with the https included in the URL (this is how it is now). Now when you click the link it takes you to the member page without using https, thus throwing an error because I have SSL required on that part of the site. When you look at the code in IE, it just shows the direct link using plain HTTP. When I open the code directly on the server, I see the URL beginning with HTTPS. I've been having a lot of issues lately with updated content not refreshing itself, and rebooting the server does nothing. At this point I'm stumped. I think it might be something in IIS, although I haven't touched it in a long time, unless a recent security update messed it up, which is the only explanation I can think of that would screw it up all of a sudden. The site works perfectly when you manually type https. I thought it might have also been my cache, but I just tried it on a computer that I haven't ever gone to the site on before and I got the same issue.
I am new to .net and i'm stuck with the following issue.
I have a windows GUI application and i need to communicate with a firewall using HTTPS protocol. I did some search on google and the results retrieved showed to use HTTPWebRequest and HTTPWebResponse objects.
But does this objects us HTTP protocal or does it work for HTTPS also. also is SSL required for HTTPS protocol. For SSL we need some security certificate. How to retrieve that certificate. Will a certificate need to available in each client machine
I'm not sure how much of a novice-level question this is. But it seems a fairly basic and common task. So here goes...
I am building a web application that will require some pages, but not all, to use a SSL (https:). How do I designate a particular page to be one or the other? Or do I need to create two separate projects and just have them pass the user back and forth as needed?
I am using Visual Studio 2008, with the Web Site Administration Tool handling users and roles. However I will also be handling very secure data such as social security numbers and the like.
Okay, so I have a site which I'd like to use my SSL certificate for always. So I want all users to be forced to the https version of any url they are directed to.I used this code in my global.asax file:
[Code]....
I've also tried it in the 'Application_BeginRequest' function also. Basically, I have two directories that are secured via Windows Authentication against my domain. if you browsed to the directory (ex. http://www.domain.com/secure) it tries first to authenticate then redirect to https://www.domain.com/secure. In this case it will ask for credentials twice one right after the other. Is their a way I can have the user redirected before Windows Authentication kicks in?
This works fine. If there is no ssl connection, the login form doesn't continue. But I would like to check if ssl is active (in codebehind) and, if it's possible, to automatically the user to the https page if he's currently on http. (I could do this job by manually redirect with page.response("https://url... login.aspx"); but this is not really generic. For example if the webapp is moved to another domain it doesn't work anymore... I'm looking for something like: FormsAuthentication.RedirectWithSSL();
I am using partially secured pages ( SSL). Now the problem is when I am switching between HTTPS and HTTP, I am losing my session. I tried storing session in Sql Server Database, its still not working. I am using just ONE web server and all pages are in single application.I am using Sql server 2008 ,IIS 7.0, C#.Net 3.5 I created a self signed test certificate to test my application.
I understand that I am losing my session because my urls are changing with https and http but there has to be someway to overcome this problem. I dont want to put unnecessary load on pages which do not have sensitive data by using https.
is it possible to preserve authentication for ASP.NET Forms authentication cookie,btween Http and Https (different domains) and back?I mean haveing single signon for two domains say http://www.mydomain.com and https://members.mydomain.comI've seen on quite asp.net sites that have a 'MyAccount' section they transfer the site to https and then when you have logged into your account successfully and gone back to the majority of the site you move back to http whilst still being logged in.
The site is written in vb.net, and accessed via https.User randomly meets the warining dialog"This page contains both secure and non-secure items.Do you want to display the non-secure items?", after clicking 'Yes', 404 not found error page will be displayed, but by refreshing, the warning dialog and 404 page all gone. Also by viewing source code from IE, I found '<meta content="Http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema">' where only uses http protocol, Does this have any thing with the error user meets?
I developed a simple application running in IIS 6 under an http protocol. for the security purposes our company provide a certificate unfortunately my application is not functioning in https. i can still access it in http...
We just moved an ASP.net application to a new server and are now getting this error when we try to return to a page: Http/1.1 Service Unavailable
In testing, I find that the address of the page does not include the SSL designator. It is trying to use http:// instead of https://. This value is coming from the Context.Request.Url property of the page.
why Context.Request.Url would not return the "https" for a page under SSL?
I have a zealous network administrator who insists that we must use https on an intranet web application in order to safeguard user's credentials. The app is an asp.net web app that uses Windows Authentication to automatically identify users and log them in. There is no login dialog and user's never enter their login or password. The application does not process any confidential data, and the only rationale for requiring https is to "safeguard" users credentials. Additionally he stated that ntlm can be easily hacked.I responded with some information from an MS white paper on Windows Authentication that said it was the recommended way of authenticating users, and that user's credentials were safe because their passwords are not transmitted across the network when the application authenticates them since it sends a hash of the password.
I'm pretty new at configuring IIS and working with SSL. I've been having difficulty with switching from the HTTPs protocol to the HTTP protocol. I had set a small part of our website to the HTTPS protocol since it has an SSL certificate for online commmerce.
When users go through that part of the site the HTPPS protocol is set and runs fine, but when they try to leave by, say, clicking on a link to another part of the site (after they have visited the secured portion of the site) the HTTPS stays in the url. Is there something I'm doing wrong?
This is how the HTTPS is set on the site: this code is placed in an sslredirect.asp page located in a "SSL" folder:
<% Response.Buffer = True If (Request.ServerVariables("HTTPS") = "off") Then sQ = Request.ServerVariables("QUERY_STRING") sURL = "https" & Right(sQ, (Len(sQ)-8)) sURL = Replace(sURL, ":80", "") Response.redirect(sURL) End if %>
Am using a LoginView control which when clicked on I wish to go to the login page but in https not http, login under https then back to an http page. Would like to do the same when the visitor creates a new user with the CreateUserControl.