| Groups | Blog | Home |
asp.net security : testing SSL
I need to test our site before we publish our public website. The problem is our site uses SSL and I can not test SSL before I use our public www.OurCompany.com address. and www.OurCompany.com is mapped to our public address. We use internal IP/computer name during testing. Is there any way to test site with SSL encryption inside our LAN? Thanks, Allan
Allan,
All you need to test SSL is to install a web server certificate to your test server. You can issue this certificate yourself (i.e.: get it for free) if you run your own certification authority (CA). Your network administrator should be able to help you with this. If you are not already running a CA within your network, you can install the Microsoft Certificate Services application on any Window NT4 or higher server (including your development/test web server). For an introduction to using Microsoft Certificate Services to issue IIS certificates, see http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/maintain/featusability/c06iis.mspx. HTH, Nicole [quoted text, click to view] "A.M" <IHateSpam@sapm123.com> wrote in message news:ufGDhRsLEHA.3348@TK2MSFTNGP09.phx.gbl... > Hi, > > I need to test our site before we publish our public website. > The problem is our site uses SSL and I can not test SSL before I use our > public www.OurCompany.com address. > and www.OurCompany.com is mapped to our public address. > > We use internal IP/computer name during testing. Is there any way to test > site with SSL encryption inside our LAN? > > Thanks, > Allan > >
Thans Nicole for help.
Can I just create a fake www.OurCompany.com in our internal DNS and then buy the SSL key from verisign for www.OurCompany.com and test the application in SSL mode inside our LAN? Allan Can I just [quoted text, click to view] "Nicole Calinoiu" <nicolec@somewhere.net> wrote in message news:eQbC8ftLEHA.892@TK2MSFTNGP09.phx.gbl... > Allan, > > All you need to test SSL is to install a web server certificate to your test > server. You can issue this certificate yourself (i.e.: get it for free) if > you run your own certification authority (CA). Your network administrator > should be able to help you with this. If you are not already running a CA > within your network, you can install the Microsoft Certificate Services > application on any Window NT4 or higher server (including your > development/test web server). For an introduction to using Microsoft > Certificate Services to issue IIS certificates, see > http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/maintain/featusability/c06iis.mspx. > > HTH, > Nicole > > > "A.M" <IHateSpam@sapm123.com> wrote in message > news:ufGDhRsLEHA.3348@TK2MSFTNGP09.phx.gbl... > > Hi, > > > > I need to test our site before we publish our public website. > > The problem is our site uses SSL and I can not test SSL before I use our > > public www.OurCompany.com address. > > and www.OurCompany.com is mapped to our public address. > > > > We use internal IP/computer name during testing. Is there any way to test > > site with SSL encryption inside our LAN? > > > > Thanks, > > Allan > > > > > >
Allan,
You could, but that's not the usual approach to testing applications over https. In general, neither the name of the server nor the within-server path to the application should matter. You should be able to run your application internally at https://anyserver/anyfolder/ for testing purposes. All that matters is that the web site on "anyserver" be configured for SSL with a server certificate. Why pay for this certificate when you can get it for free (and even less time investment than applying to a commercial CA)? If you don't have an internal CA already and there's nobody on your team who has set one up in the past, the initial time investment might be a bit higher (but still probably no more than a few hours). Later setups and uses would probably run under 5 minutes. Acquiring a certificate from a commercial CA can take days to weeks, and you really don't want to deal with the hassle that would result if your commercially issued certificate ends up being "mishandled" in the dev/test environment... HTH, Nicole [quoted text, click to view] "A.M" <IHateSpam@sapm123.com> wrote in message news:el1w$rtLEHA.556@tk2msftngp13.phx.gbl... > Thans Nicole for help. > > Can I just create a fake www.OurCompany.com in our internal DNS and then > buy > the SSL key from verisign for www.OurCompany.com and test the application > in SSL mode inside our LAN? > > Allan > > > Can I just > "Nicole Calinoiu" <nicolec@somewhere.net> wrote in message > news:eQbC8ftLEHA.892@TK2MSFTNGP09.phx.gbl... >> Allan, >> >> All you need to test SSL is to install a web server certificate to your > test >> server. You can issue this certificate yourself (i.e.: get it for free) > if >> you run your own certification authority (CA). Your network >> administrator >> should be able to help you with this. If you are not already running a >> CA >> within your network, you can install the Microsoft Certificate Services >> application on any Window NT4 or higher server (including your >> development/test web server). For an introduction to using Microsoft >> Certificate Services to issue IIS certificates, see >> > http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/maintain/featusability/c06iis.mspx. >> >> HTH, >> Nicole >> >> >> "A.M" <IHateSpam@sapm123.com> wrote in message >> news:ufGDhRsLEHA.3348@TK2MSFTNGP09.phx.gbl... >> > Hi, >> > >> > I need to test our site before we publish our public website. >> > The problem is our site uses SSL and I can not test SSL before I use >> > our >> > public www.OurCompany.com address. >> > and www.OurCompany.com is mapped to our public address. >> > >> > We use internal IP/computer name during testing. Is there any way to > test >> > site with SSL encryption inside our LAN? >> > >> > Thanks, >> > Allan >> > >> > >> >> > >
Hi Allan,
I'm viewing this thread and found that many other community members are discussing with you in another thread named "RE: Client Side Certificate" in this newsgroup. If you feel it convenient that we continue to focus on that one, please feel free to post there. Thanks. Regards, Steven Cheng Microsoft Online Support Get Secure! www.microsoft.com/security (This posting is provided "AS IS", with no warranties, and confers no rights.)
Nicole,
I want to apprecite you for refering me to that link!! I just implimented the certificate server and it worked fine!! It was so well explained and i am happy to know William R. Stanek the book's author. Thanks, Alan [quoted text, click to view] "Nicole Calinoiu" <nicolec@somewhere.net> wrote in message news:eQbC8ftLEHA.892@TK2MSFTNGP09.phx.gbl... > Allan, > > All you need to test SSL is to install a web server certificate to your test > server. You can issue this certificate yourself (i.e.: get it for free) if > you run your own certification authority (CA). Your network administrator > should be able to help you with this. If you are not already running a CA > within your network, you can install the Microsoft Certificate Services > application on any Window NT4 or higher server (including your > development/test web server). For an introduction to using Microsoft > Certificate Services to issue IIS certificates, see > http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/maintain/featusability/c06iis.mspx. > > HTH, > Nicole > > > "A.M" <IHateSpam@sapm123.com> wrote in message > news:ufGDhRsLEHA.3348@TK2MSFTNGP09.phx.gbl... > > Hi, > > > > I need to test our site before we publish our public website. > > The problem is our site uses SSL and I can not test SSL before I use our > > public www.OurCompany.com address. > > and www.OurCompany.com is mapped to our public address. > > > > We use internal IP/computer name during testing. Is there any way to test > > site with SSL encryption inside our LAN? > > > > Thanks, > > Allan > > > > > >
Don't see what you're looking for? Try a search.
|
July 2003
August 2003
September 2003
October 2003
November 2003
December 2003
January 2004
February 2004
March 2004
April 2004
May 2004
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
December 2007
January 2008
February 2008
March 2008
April 2008
May 2008
June 2008
| home · blog · groups | Questions? Comments? Contact the dn |