CRL checking by IIS

·         When a Client certificate is presented to an IIS website, IIS looks for the CRL verification to determine the validity of the certificate, much in a similar way a browser does the CRL checking for an SSL enabled website. When IIS receives the client cert it looks into the CDP (CRL Distribution point) under…


Internet Explorer 6 may fail to open an SSL Web site after installing MS10-049

You may see this behaviour when accessing an SSL enabled Website through IE 6.0 after installing MS10-049. “The Page cannot be displayed” This can happen for websites that use TLS security protocol for encryption. If you are experiencing this behaviour please check the following support KB for more information.

Failing to run ADSI scripts remotely against IIS?

If you are trying to run an ADSI/WMI Script remotely from a client machine which gets information the from IIS web server around websites etc. you may see this: “Invalid syntax” or error code 800401E4 Or Microsoft VBScript runtime error: The remote server machine does not exist or is unavailable: ‘GetObject’ In my script I…


Debug.Assert does not launch a popup window on IIS7 while debugging in Visual Studio

If you are trying to debug an IIS 7 hosted web application using Visual Studio and trying to use System.Diagnostics.Debug.Assert()/System.Diagnostics.Trace.Assert() in your code to launch a popup window it will not work. However you can write the output to a log file using the following: <configuration> <system.diagnostics> <assert assertuienabled="true" logfilename="c:\\myFile.log" /> </system.diagnostics> </configuration> You can…


Are you seeing 401’s too often for HTTP web requests?

We often hear concerns from our customers saying that they are seeing performance issues because of extra round trips being made to the Web server while requesting for web pages. Where they expected just one sequence of 401.2/401.1/200 (NTLM) or 401.2/200 (Kerberos) they are seeing the sequence more often for the subsequent page requests. They…


Required permissions when calling a Web service using client certificate for authentication in an ASP.NET Web application

A Web service requiring Client certificate authentication is a common scenario. You may have a client application which needs to send the Client certificate as part of the web request for accessing the web service. This client application may be a Windows/Console application or another Web application. Often you will get into issues wherein you…


Avoid this confusion around Client certificate mapping in IIS 6.0/7.0

I just wanted to add this quick post around Client certificate Mapping on IIS. This is focused on 1-to-1/Many-to-1 mapping in IIS 6.0/7.0. If you are interested to know more about configuring Client certificate mapping in IIS 6.0 please check this post of mine and for IIS 7.0 this is an excellent article. Recently a…


Some Info around WebDAV content access issues

If you have a Web folder (WebDAV) hosted on IIS using Basic Authentication there are a few things you need to ensure such that any client accessing the resource does not get into failures. If your WebDAV site is restricted using Basic authentication and you are trying to access it over HTTP, access may fail….


SSL Troubleshooting for IIS Web Sites contd…

Recently a colleague of mine was working on a customer’s case which was a Critical level incident. High pressure job, huhh! The issue was with SSL not working for one of their web sites. They were seeing “Page cannot be displayed” when trying to access this site over SSL. It worked just fine over HTTP….