http://forums.iis.net/search/SearchResults.aspx?o=DateDescending&tag=ssl+Server+Certificate&orTags=0Search results matching tag 'ssl Server Certificate'en-USCommunityServer 2007 SP1 (Build: 20510.895)http://forums.iis.net/p/1154109/1888980.aspx#1888980Mon, 05 Jan 2009 04:15:03 GMT50bcf3b4-f6fe-4638-adff-0c150e922e99:1888980stamtarmsecurity--1<div><font face="Arial" size="2">I&nbsp;have tried several times, revoke and replace certificate, and asked&nbsp;Verisign for help too. But at the end it still failed.</font></div> <div>&nbsp;</div> <div>Error message are shown as below:</div> <div><font face="Arial" size="2"></font>&nbsp;</div> <div><font face="Arial" size="2">- When installing the certificate: </font></div> <div><font face="Arial" size="2"><font face="Arial" size="2">&quot;Failed to install certificate, </font><font face="Arial" size="2">keyset does not exists&quot;</font></div> <div>&nbsp;</div></font> <div><font face="Arial" size="2">- When trying to export the private key using MMC function, the option for &quot;Export private key&quot; is disabled and it says </font><font face="Arial" size="2">&quot;Notes: The associated private key cannot be found.&nbsp; Only the certificate can be exported.&quot;&nbsp;&nbsp;</font></div> <div><font face="Arial" size="2"></font>&nbsp;</div> <div><font face="Arial" size="2">I have changed the permission of the administrator and system&nbsp;account to Full Control for the following folders and files already:</font></div> <div><font face="Arial" size="2">Folders</font></div> <div><font face="Arial" size="2">C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA</font></div> <div><font face="Arial" size="2">C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys</font></div> <div><font face="Arial" size="2">C:\Documents and Settings\Administrator\Application Data\Microsoft\Crypto\RSA</font></div> <div><font face="Arial" size="2"></font>&nbsp;</div> <div><font face="Arial" size="2">All files inside the following folder</font></div> <div><font face="Arial" size="2">C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys</font></div> <div>&nbsp;</div> <div>Please kindly assist!! Thank you very much!!</div> <div>&nbsp;</div> <div>sta</div>http://forums.iis.net/p/1152787/1883609.aspx#1883609Mon, 03 Nov 2008 15:01:01 GMT50bcf3b4-f6fe-4638-adff-0c150e922e99:1883609Carrotssecurity--1<p>&nbsp;In the IIS logs, our client has found a bunch of 403.7 64 &#39;s being logged. Most of them are to /VirtualDirectoryName, for example:<br /><br />2008-10-30 06:41:00 W3SVC3 xxx.xxx.xxx.xxx GET /VirtualDirectoryName - 443 - xxx.xxx.xxx.xxx Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506<br />.30;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.5.21022) 403 7 64<br /><br />These happen quite often, sometimes 4 or so requests in a row.<br />Directory browsing is disabled on the sites, and the default page is set to default.htm which exists, so theoretically, there should be no requests for the path.<br />I have enabled schannel logging, but couldnt find one matching the timestamp in IIS. For example, in IIS we have one for 2008-10-30 11:49:50, and in event viewer we have one for 11:49:52 and one for 11:49:45. I also couldnt find a patter that makes it look like the one is trailing the other by a couple of seconds.<br /><br />All the IIS requests are on port 443, none are on 80.<br /><br />Schannel logs information events, but no warnings.<br />The client confirmed that the system logs and IIS logs were from the same server.<br /><br />They run Windows 2003 x64 R2 on a NLB cluster. The machines in the testing environment is a single machine only.<br />I am able to intermittently reproduce it on my own environment (XP 64). One out of 20 times doing the exact same actions will give me the error in the logs. The error does not affect the user at all.<br /><br />Testers currently test on Windows XP 32, with IE6, IE7 and Firefox, using software certs, or in some cases USB tokens. I replicated using a software cert.<br /><br />Now this does not sound like something I should be spending my time on, but the client is being audited, and this has been raised as a concern by the auditing company.</p>http://forums.iis.net/p/1152358/1881921.aspx#1881921Mon, 13 Oct 2008 18:54:58 GMT50bcf3b4-f6fe-4638-adff-0c150e922e99:1881921mybestguesssecurity--1<p>It as been the recent task of our team to come up with both short and long term solutions to the concern of SSL security on our sites.</p> <p>The first solution off the top of the head is to do 1 of the following 2.&nbsp; Either take the pain and time consuming option of coding each individual website to rediret to https to use ssl.&nbsp; The second approach would be to have IIS force a redirect to the https and www paths.</p> <p>The catch is what would be the best approach.&nbsp; I am thinking of a quick and easy temporary solution first.&nbsp; Then a long term solution.&nbsp; But the long term solution has a catch.&nbsp; In the next few months (early - Mid 2009) we are moving to Server 2008 with IIS7 and that may negate the changes necessary in IIS6.</p> <p>Any and all suggestions are appreciated on this matter.&nbsp; If you have any suggestions regarding the best way to add SSL to existing sites please let me know.&nbsp; I would like to try and avoid a manual reprogramming of that many websites.&nbsp; Thank you</p> <p>MBG</p>http://forums.iis.net/p/1149877/1871743.aspx#1871743Sat, 14 Jun 2008 16:44:32 GMT50bcf3b4-f6fe-4638-adff-0c150e922e99:1871743saquib189iis7_-_security--1<p>Hi, I got the 14 days trial certificate from Verisign for testing my site. www.saquibs.com and i have windows vista workstation but i don&#39;t know how to install the ssl certificate and also get the Intermediate CA cerificate code which i save on .cer file . so please help me how can i enable ssl on my remote site. thank you </p>