I have IIS asp.net website which it connects to a remote webservice requires client certificate, I have the client certificate installed on our computer hosting iis, But when connecting from our iis to the remote service we got error as our iis can't find client certificate in currentuser or localmachine store!!! How to solve?
Related
I am performing a task to authenticate a Active-directory B2C instance in Azure from a local ToDo WebApp using a local WebAPI service.
I have created 2 Apps App1 and App2, apart from adding a B2C instance in a trial-version subscription of Azure. In local windows 10 OS, in Visual-Studio, I collected code for the ToDo Webapp and WebAPI Service as per a Microsoft-blog here
However, when I start the WebAPI service, and run the ToDoWebapp, the login after creating a user works fine, but after that, for any call to the service, I get the error-page with the message:
AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot
HttpRequestException: The SSL connection could not be established, see inner exception.
How can one resolve this error?
Please check below points:
Installing the .NET Core SDK installs the ASP.NET Core HTTPS
development certificate to the local user certificate store as part
of the first-run experience, but it is not trusted. To trust the
certificate, perform the one-time step to run the dotnet dev-certs
tool.
Check the certificates in the certificate store.Find
localhost certificate with the ASP.NET Core HTTPS development
certificate both under Current User > Personal > Certificates and
Current User > Trusted root certification authorities > Certificates
Try to remove all found certificates by checking carefully from both Personal and Trusted root certification authorities.
Note: Do not remove the IIS Express localhost certificate.
Try to run the following commands in .NET CLI and try again
dotnet dev-certs https --clean
dotnet dev-certs https --trust
Note: Untrusted certificates should only be used during app development. Production apps should always use valid certificates.
References:
Trust the ASP.NET Core HTTPS development certificate on Windows and
macOS
Enforce HTTPS in ASP.NET Core | Microsoft Docs
Ι have an IoT device posting data to a web app hosted to IIS 6.2.
Posting with http is working perfectly. When i change it to https i am getting handshake error.
The same web app has web interface that uses the same SSL certificate and works perfectly on all browsers. Thus I guess, that SSL setup is correct.
I have tried to change the server certificate with a self signed certificate create from IIS with the same results.
I have also tested the IoT device to other servers with SSL and it works.
Here is the wireshark communication
and here are the SSL protocols available on server
i am also attaching a report from ssllabs
any ideas?
I have developed a RESTful web service using Node.js. I want to host this service on my home PC which is having static IP(which can be access from internet). But I want to host this service using SSL. Note that my home PC is not associated with any internet domain. So I want to know how to host my Webservice using ssl on my home PC. Also I want to know where to buy ssl certificate and what type of certificate? Because most of the certificate authorities who sells certificate talking about ssl for website only.
In Azure, I set up the Windows Server 2012 R2 FTP service properly and have no problems connecting via the standard Windows 7 FTP client when the server-side setting is "Allow SSL". My endpoints are properly defined, etc.
However, when I change the setting to "Require SSL", I am unable to connect. I set endpoints for FTP SSL ports 989 and 990. I have a certificate installed properly (bound to HTTPS port 443). I selected the same certificate for use with FTP.
Note: When the server is set as "Allow SSL", Filezilla connects using TLS successfully. Neither FileZilla nor the Windows 7 FTP client can connect when the server is set as "Require SSL".
I want to require SSL connections when using the Windows 7 FTP client. I do not care about FileZilla (that was just for testing). I cannot find any walk-throughs or examples where the author uses the "Require SSL" setting on an Azure machine.
Suggestions to fix?
Is there a way to programaticaly install a ssl cert for iis 6 and 7?
Yeah try IIS 6.0 Resource Kit Tools:
http://www.microsoft.com/downloads/details.aspx?FamilyID=56fc92ee-a71a-4c73-b628-ade629c89499&displaylang=en
It includes a tool called: IISCertDeploy.vbs. This is a tool for deploying and for backing up SSL certificates on servers that run IIS 6.0. You can use IISCertDeploy.vbs to deploy the certificate to a local server, to a cluster of servers, or to a remote server. You can also use IISCertDeploy.vbs to back up a certificate by exporting the certificate from a Web site to a Personal Information Exchange (.pfx) file that contains both the private key and the public key.