Login :: Register
General Topics
 Glossary

 Management Scripts
 Installation
 Configuration
 Administration
 LogFiles/Reporting
 Performance Tuning
 Securing Your Server
 Troubleshooting

 Software & Tools for IIS
 IIS State (Crash Utility)

 More Topics...
HostedbyMaximumASP170x35
2005 IIS MVPs
 IIS MVPs for 2005
 What is MVP
Other IIS Sites
 IIS Active
 IIS Answers
 IIS Lists
 IIS Toolshed
 IIS Training
 IIS Resources
  Secure Socket Layer 

What is SSL?

Secure Sockets Layer (SSL) is a security standard designed to provide secure connections on the Internet. Using an SSL solution, you can encrypt confidential data and exchange it over the Internet between Web servers and clients. The minimum components of an SSL solution are an SSL-equipped server, an SSL-equipped client, and a public-key certificate installed on either the server (typical) or the clients (the exception), or both.

Although an SSL solution typically has the public-key certificate installed on a Web site on the server only (in which case it is often called a server certificate) the data sent by both the server and the client are encrypted. This can be confusing. The server owns the certificate, but both parties to the transaction get access to the keys used for encryption. The server certificate is used to satisfy the client that the service provider is trustworthy. The authentication method used by the server to authenticate the client establishes that the client is trustworthy. Now a secure, encrypted two-way communication ensues, using public, private, and secret keys for encryption and decryption of the data sent over the Internet.

 SSL Diagnostics Version 1.0 (ia64)

A common problem for administrators of IIS servers is configuring and troubleshooting SSL enabled Web sites. To assist in administrators efforts, Microsoft has designed a tool - SSL Diagnostics - to aid in quickly identifying configuration problems in the IIS metabase, certificates, or certificate stores.

This tool allows users to review configuration information in a easy to read view mode or to run the tool silently with only the creation of a log file. During use, administrators can simulate the SSL handshake to find errors. They can also quickly "hot swap" certificates for testing purposes.

To download th SSL Diagnostics tools please go to the following URL:
http://www.microsoft.com/downloads/details.aspx?FamilyID=083d0066-d89d-4d95-90a9-6a94dd2bbc36&DisplayLang=en

FAQ
What is a public key, a private key, and a secret key?
What type of warnings can the client see when connecting to a SSL web site.

SSL Certificate Suppliers
Thawte Digital Certificate Services
Try a free SSL Certificate from VeriSign
VeriSign

Secure Socket Layer (SSL)
Base64 Content-Transfer-Encoding
Error Occurs During SSL Connection
How to Use ASP to Force SSL for Specific Pages
  It is often good security practice to require Secure Sockets Layer (SSL) for certain pages on a Web site. Although this can be configured through the Internet Services Manager (ISM) in the Microsoft Management Console (MMC), you can also use Active Server Pages (ASP) to force SSL for specific pages without making changes in the MMC.
 

Microsoft Knowledge Base Articles (KB)
Can't Connect to SSL-Enabled Site and/or Server Stops Responding
Error Message: This Security Certificate Was Issued by a Company that You Have Not Chosen to Trust
  The root certificate of the Certificate Authority (CA) that issued the Web site's certificate is not in the client browser's Trusted Root Certification Authority store. The message does not affect the establishment of a Secure Sockets Layer (SSL) session between the client and the server.
  
Host Headers Not Supported When Using SSL
  When you use Secure Sockets Layer (SSL), HTTP 1.1 Host Headers will not function. This is because Host Headers are included in the encrypted request.
 
How to Configure Secure Sockets Layer Server and Client Cache Elements
How to Install a Certificate
How to Troubleshoot SSL in Internet Information Server 4.0
IIS Key Manager Only Allows 512-Bit Size Key
Key Manager Started from MMC Does Not Return Focus

IIS5
Cannot Make an SSL Connection After Exporting and Importing an SSL Certificate
Generating a Certificate Request File Using the Certificate Wizard in IIS 5.0
  The Certificate Wizard that comes with Internet Information Services (IIS) 5.0 makes managing server certificates easier than ever before. This article describes how to create a certificate request file using the wizard.
  
I am getting the message The Page Cannot Be Displayed . . . Cannot Find Server or DNS Error
  When you attempt to connect through Secure Sockets Layer (SSL) to an Internet Information Services (IIS) 5.0 Web site with Certificate Services 2.0 installed, the following error message my be returned to the browser:

The Page Cannot Be Displayed . . . Cannot Find Server or DNS Error

Microsoft Internet Information Services version 5.0
Microsoft Certificate Services, version 2.0

  
Installing a New Certificate with Certificate Wizard for Use in SSL/TLS
  In order to provide secure communications (SSL/TLS) in Internet Information Services (IIS) 5.0, a server certificate is required on the site you want to provide the service on.
 

How do I?
How do I force my users to use HTTPS even if they specify just www.site.com
How to automatically change from http to https for a specific folder
How to Install SSL - Part 2 - Installing the Certificate
How to Map a Client Certificate to a Windows NT User Account
How to Read and Analyze a Client Certificate
How to Remove a Server Certificate from an Internet Information Services 5.0 Web Site
How to Request and Install an SSL Certificate on IIS 4
How to Use Certificate Server-Generated CA Certificates with Netscape Navigator
HOW TO: Enable SSL for All Customers Who Interact with Your Web Site
HOW TO: How to Install/Uninstall a Public Key Certificate Authority for Windows 2000
HOW TO: Install a Certificate for Use with IP Security
Step/Step guides about setting up Certificate Services and Mapping Certficates
The Certificate Server Did Not Start: Unable to Initialize the Database Connection
  After you install NTOP version of Certificate Server on incompatible ODBC versions, the Certificate Server Service does not start.

There is an incompatibility between the NTOP installer and the ADO (Jet database) of MDAC 2.1 which shipped in Internet Explorer 5. This incompatibility causes Certificate Server to create a UserDSN for certsrv instead of the necessary SystemDSN.

 

Certificate Server
The Certificate Server Did Not Start: Unable to Initialize the Database Connection
 This site and its contents are Copyright 1999-2004 by IISFAQ Microsoft Corporation in no way endorses or is affiliated with IISFAQ