Password is seen in Clear Text when configuring Client Certificate Mapping using Configuration editor in IIS 7/7.5

Most of the time I write blogs to help myself find things easily. It is easier to search things when you know where to search them for. So I thought of blogging this topic as I keep encountering it more often and then spend quite some time figuring out what the fix was. Many of… Read more

Error While Compiling ASP.NET 4.0 application

Recently, I ran into issues while writing an ASP.NET 4.0 application. I tried to remember if I had meddled with anything or deleted any components by mistake. This was the error I get when trying to compile my application: Could not load file or assembly ‘Microsoft.VisualStudio.Web.Runtime, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35’ or one of its dependencies. The… Read more

Taming the Beast (Browser Exploit Against SSL/TLS)

Two researchers recently discovered a known vulnerability that existed in CBC based ciphers, but was considered theoretically impractical, until then. This vulnerability exists in all CBC based ciphers used in SSL V3/TLS 1.0. The researchers Juliano Rizzo and Thai Duong demonstrated proof-of-concept code called BEAST (Browser Exploit Against SSL/TLS) at the Ekoparty security conference held… Read more

Support for SSL/TLS protocols on Windows

***********Updated on 4th October 2017*********** NOTE: Support for TLS 1.1 and TLS 1.2 is now available in Windows Server 2008 SP2. Install the following update: Update to add support for TLS 1.1 and TLS 1.2 in Windows Server 2008 SP2  Secure Socket Layer (SSL) and its successor Transport Layer Security (TLS) are protocols which use… Read more