Active News 15 Seconds Weekly Newsletter • Complete Coverage • Site Updates • Upcoming Features More Free Newsletters Reference News Articles Archive Writers Code Samples Components Tools FAQ Feedback Books Links DL Archives Community Messageboard List Servers Mailing List WebHosts Consultants Tech Jobs 15 Seconds Home Site Map Press Legal Privacy Policy internet.commerce internet.com IT Developer Internet News Small Business Personal Technology Search internet.com Advertise Corporate Info Newsletters Tech Jobs E-mail Offers Compare products, prices, and stores at Hardware Central!

Using MS Certificate Server To Create SSL By 15 Seconds Discussion List Rating: 3.5 out of 5 Rate this article email this article to a colleague suggest an article Charlie Asks: I have heard that Win2000 Certificate Server can create a certificate which can be used in IIS like a Verisign certificate in order to create SSL sessions. I have spent 8 hours reading through the documentation and can't tell if it is true. Has anyone here done this or know of a resource where I could find out how to do it? Just want to have https availalbe on the Web server and wanted to try the Microsoft solution if it works. I created a request file in IIS but can't see anyway for Certificate Server to recognise it. Any help would be appreciated! Thanks! Neil Chimes in With: Yes, Certificate Server will do what you ask. It's pretty straightforward really. Just create your request file on the server for which you want the certificate. Then run Certificate Server, either on the same box or another, it doesn't matter. Certificate Server will ask for the certificate request file and then spit out a certificate. Take the certificate and install it on the targeted server. Voila! It's not good for production, only in that you'd have to establish the certificate server on the Web (or on your intranet if you're just developing an intranet app), so that clients could verify the authenticity of the server certificate. Of course, since you are the user and the issuer of the certificate that doesn't really mean much. I'll assume you know all about PKI and I'll just shut up now :) Arnold Concludes: See Microsoft's How to Configure Certificate Server for Use with SSL on IIS. Yes, CS will do that. But there's more; Browsers come pre-configured with a list of CAs, and if you're using one of them (like VeriSign), then your users won't be annoyed by an "is it OK" challenge. With yours, they will. A minor point, but its acceptability to your clients will depend on the kind of relationship you have with them. The charge for a 3rd-party Cert is far less that the cost of the hours you've put in so far, I'll guess. Consider the bigger pic. This conversation string was taken from the 15Seconds ASP Listserv on 1/29/01. If you have an ASP-related question or would like to share some of your knowledge with others, you may join the list by clicking here. Rate This Article Not Helpful Most Helpful 1 2 3 4 5 Supporting Products/Tools AspEncrypt Built around the Microsoft CryptoAPI, AspEncrypt helps you harness all major encryption and hashing algorithms such as DES, Triple-DES, RC2, RC4, RSA, MD5 and SHA1 in just a few lines of code. The component can be used in tandem with AspEmail to send encrypted and signed mail in the industry-standard S/MIME format, or with AspUpload to encrypt files as they are being uploaded. AspEncrypt can also be used to issue and manage X.509 digital certificates. [Top] AspPDF AspPDF is an ASP/ASP.NET component which enables generation and management of documents in PDF format. Features include advanced text formatting, font embedding, form fill-in, images, tables, content and page extraction, document stitching, encryption, digital signatures, and more. [Top] Other Articles Feb 3, 2005 - ASP.NET Mixed Mode Authentication In many web applications it is desirable for both intranet users and external parties to be able to seamlessly log onto the system. The problem this raises is that it is not easy to allow intranet users to log in via Windows integrated authentication while also allowing external parties to log in to the same application using standard forms authentication. This article will show you one way to achieve the best of both worlds when it comes to authentication. [Read This Article]  [Top] Dec 8, 2004 - Designing Role-Based Security Models for .NET In this article, Michele Leroux Bustamante discusses authentication, authorization and role-based security in .NET. Along the way, he provides some best practices for implementing role-based security in some typical .NET application scenarios including rich clients, Web applications, and Web services. [Read This Article]  [Top] May 11, 2004 - SharePoint Security and .NET Impersonation When implementing custom components that require access to restricted resources, implicit impersonation must be used. Jay Nathan shows how to create a class that makes using .NET Impersonation a snap. [Read This Article]  [Top] Mar 10, 2004 - Intellectual Property Protection and Code Obfuscation Learn about the execution process of CLR-based programs and how to protect your applications from being easily disassembled back into source code. [Read This Article]  [Top] Feb 24, 2004 - How to Send Secure Mail in ASP-Based E-Commerce Applications - Part II Businesses that utilize encrypted e-mail may find Secure Multipurpose Internet Mail Extensions (S/MIME) to be somewhat restrictive. This article shows how to use security features in PDF as an alternative to S/MIME. [Read This Article]  [Top] Feb 2, 2004 - Fighting Spambots with .NET and AI Bill Gates, in a recent interview, predicted the end of spam by 2006. One of the methods he mentioned involved a challenge only a real live person could handle. Adnan Masood shows how to use AI and .NET to create a user verification scheme that incorporates similar concepts Gates alluded to. [Read This Article]  [Top] Jan 21, 2004 - Configuring .NET Code Access Security Code Access Security (CAS) is the .NET Framework security model that grants code permission to resources based on "evidence" pertaining to the encapsulating assembly. In this article, David Myers examines CAS and explains different configuration methods. [Read This Article]  [Top] Mar 10, 2003 - Platform Neutral and Transparent Encryption of Sensitive Customer Information Zhenlei Cai combines an open source C++ encryption library with SQL Server extended stored procedures to create a platform neutral, transparent encryption solution that resides at the database layer. [Read This Article]  [Top] Jan 15, 2003 - Exploring Machine.Config - User Security and More Christopher Spann offers a .NET configuration tip that should help ease system administrators' fears of security compromise and thus assuage growing developer demand for a .NET environment. [Read This Article]  [Top] Dec 10, 2002 - Encrypting Cookie Data with ASP.NET You don't have to be a cryptography expert or spend lots of money on third-party components to secure sensitive data in .NET. In this article, Wayne Plourde shows just how easy it is to encrypt cookie data using encryption classes in the .NET System.Security.Cryptography namespace. [Read This Article]  [Top] Mailing List Want to receive email when the next article is published? Just Click Here to sign up.

Support the Active Server Industry Search: WebMediaBrands Corporate Info Legal Notices, Licensing, Reprints, Permissions, Privacy Policy. Advertise | Newsletters | Shopping | E-mail Offers | Freelance Jobs Solutions Whitepapers and eBooks Adobe Article: Adobe Helps PHP Developers Create Rich Internet Applications Adobe Article: Java Developers Finding a Home at Adobe Flex IBM Articles: A Smarter Business Needs Smarter Technology Intel Xeon Processor Increases Server Efficiency and Capabilities Intel Tech Brief: Automated Energy Efficiency for the Intelligent Enterprise Oracle Whitepaper: Using Oracle In-Memory Database Cache to Accelerate the Oracle Database Oracle Whitepapers - Innovation for IT Leaders Avaya Article: Communication-Enabled Mashups--Empowering Both Business Owners and IT Internet.com eBook: IT Manager's Guide to Social Networking Internet.com eBook: Get Ready for Windows 7 Microsoft Article: Expression Web 3--New Features for PHP Developers Whitepapers: Manage Your Business Infrastracture with IBM Whitepaper: Maximize Your Storage Investment with HP Internet.com eBook: Becoming a Better Project Manager Microsoft Article: Stress Free and Efficient Designer/Developer Collaboration MORE WHITEPAPERS, EBOOKS, AND ARTICLES Webcasts Webcast: Connecting PHP to Microsoft Technologies Video: Microsoft Partner Program Benefits Video: Windows Azure Debugging Tips SAP BusinessObjects Webcast: Unlock the Power of Reporting with Crystal Reports IBM Webcast: Speed Business Innovation with Reduced Cost and Risk Video: Deploy Applications on Windows Azure MORE WEBCASTS, PODCASTS, AND VIDEOS Downloads and eKits Downloads & Free Trials: Microsoft's New Efficiency Resource Center Get the Windows 7 SDK Free Trial: Red Gate SQL Backup Pro 6 Iron Speed Designer Application Generator MORE DOWNLOADS, EKITS, AND FREE TRIALS Tutorials and Demos Virtual Lab: Migrating PHP Applications Enabling Web Slices and Accelerators with a PHP Site Internet.com Hot List: Get the Inside Scoop on the Hottest IT and Developer Products All About Botnets MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES