Reverse Proxy and SSL configuration problems ...

From: Brian D. (katiesoft1_at_yahoo.com)
Date: 03/29/04

Next message: Roger Corrie: "Re: Image Web Part Section 508 Compliance"
Previous message: Ryan Miller: "Re: Is it possible to avoid username/password prompt when accessing an unauthorized doc. lib"
Next in thread: Ian Morrish: "Reverse Proxy and SSL configuration problems ..."
Reply: Ian Morrish: "Reverse Proxy and SSL configuration problems ..."
Messages sorted by: [ date ] [ thread ]

Date: 29 Mar 2004 06:55:34 -0800

We are trying to setup WSS (and at some point SPS), using a reverse
proxy and SSL. We are getting problems because some of the WSS pages
are hard coded "http" into variables, view state and such. the proxy
machine is translating most of the URLs, but some of them it can't
translate. We also tried setting up the WSS box to run SSL so that
the proxy machine can make an SSL connection to it, this had some
problems too. We don't want for users to directly connect to the IIS
machine.

First, does anyone know if this is a supported configuration? If yes,
is there any documentation that addresses this config?

If this is not a supported configuration, and we must put our IIS
machines in a DMZ, can someone point me to a document that outlines
every single port and protocal that needs to be open for this to work?
Opening up tons of ports on the firewall so the IIS machine can talk
to DB & AD doesn't seem like an acceptable solution to our security
people. However, if the list was small enough, we could probably sell
that. All lists I have seen includes wide ranges of ports for the AD
communications.

Next message: Roger Corrie: "Re: Image Web Part Section 508 Compliance"
Previous message: Ryan Miller: "Re: Is it possible to avoid username/password prompt when accessing an unauthorized doc. lib"
Next in thread: Ian Morrish: "Reverse Proxy and SSL configuration problems ..."
Reply: Ian Morrish: "Reverse Proxy and SSL configuration problems ..."
Messages sorted by: [ date ] [ thread ]

Relevant Pages

multiple SPS portals, WSS sites with one IP
... WSS sites need SSL. ... Should I use host headers? ... Or use different ports for each web site, if so, can DNS ...
(microsoft.public.sharepoint.portalserver)
Re: ISA 2004 Server Errors
... Tunneling SSL Through a WWW Proxy ... CONNECT is really a lower-level function than the rest of the HTTP methods, ... Through ISA Server ...
(microsoft.public.isa)
Re: Preventing tunnels through HTTPS proxies
... Alternatively playing a man-in-the-middle on the proxy, ... but also the matter of the stuff in SSL certificate matching the ... look up the SSL handshake procedure) you were able to distinguish SSL ... How can you tell HTTP traffic over SSL connection from any other ...
(Security-Basics)
Re: ecommerce / ssl over 3g ?
... Yes, they could - but as I said, it depends on how they have their proxy set ... IIRC, as SSL is initiated, the client requests a key from the site. ... > If you have an SSL certificate that identifies itself as "mysite.com" ...
(uk.telecom.mobile)
Re: HTTP Network Programming Issue
... which requires Cookie, Authentication and SSL at the same time, while going ... through a proxy that also requires authentication. ... You should set credentials on the HttpWebRequest as ... I think the site may use cookies, ...
(microsoft.public.dotnet.languages.csharp)