Re: Problem with IIS 6.0
From: George Valkov (null_at_somewhere.com)
Date: 07/30/04
- Next message: AOrlando: "Strange networking problem"
- Previous message: Robert L [MS-MVP]: "Re: dhcp giving wrong ip address"
- In reply to: Phillip Windell: "Re: Problem with IIS 6.0"
- Next in thread: Phillip Windell: "Re: Problem with IIS 6.0"
- Reply: Phillip Windell: "Re: Problem with IIS 6.0"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 30 Jul 2004 19:39:43 +0300
The Server is for the local area network only. There are no proxy servers.
It has more that one web sites. And because 443 is already in use, I have to
use another port.
I logon locally on the HTTPS server's console and connect to
https://server:port/
1. If the address is typed in the address bar of Internet Explorer, I can
navigate to any subfolder - there is no problem with the virtual
directories.
2. If I use Web Folders to view the content as folders, When I double click
on a virtual directory, Internet Explorer will try open
http://server/virtual
instead of
https://server:port/virtual/
That's why it displays an error message.
I think that Microsoft should investigate this problem and fix it as an
update for Windows.
If You have a HTTPS server running IIS 6 in hand You may try to reproduce
the error.
news:evADIvjdEHA.1656@TK2MSFTNGP09.phx.gbl...
> "George Valkov" <null@somewhere.com> wrote in message
> news:OmK5KMidEHA.216@TK2MSFTNGP11.phx.gbl...
> > Hi Miha,
> > In general I can assign any free TCP port number for the SSL and It will
> > work fine. I don't want to provide You with the exact port number for
> > security reasons.
>
> I'm not sure about the original problem, but using SSL on non-standard
ports
> is in itself a security risk and most proxy servers are hardcoded to only
> allow SSL on the standard 443 port. The security of SSL is based on the
> abilities of SSL itself and not by being used on a "secret" port. Here's
is
> a quote from one article on that subject. It originated from Netscape
> Communications Corporation. The first of the three links below is the link
> to the full article.
>
> "CONNECT is really a lower-level function than the rest of the HTTP
methods,
> kind of an escape mechanism for saying that the proxy should not interfere
> with the transaction, but merely forward the data. This is because the
proxy
> should not need to know the entire URI that is being accessed (privacy,
> security), only the information that it explicitly needs (hostname and
port
> number). Due to this fact, the proxy cannot verify that the protocol being
> spoken is really SSL, and so the proxy configuration should explicitly
limit
> allowed connections to well-known SSL ports (such as 443 for HTTPS, 563
for
> SNEWS, as assigned by the Internet Assigned Numbers Authority). "
>
> Tunneling SSL Through a WWW Proxy
> http://muffin.doit.org/docs/rfc/tunneling_ssl.html
> (For Proxy2)
> 184028 - Error Message: 12204 SSL Port Specified Is Not Allowed
> http://support.microsoft.com/default.aspx?scid=kb%3ben-us%3b184028
> (For ISA)
> 283284 - Blank Page or Page Cannot Be Displayed When You View SSL Sites
> Through ISA Server
>
http://support.microsoft.com/default.aspx?scid=kb;en-us;283284&Product=ISAS
>
>
> --
>
> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com
>
>
- Next message: AOrlando: "Strange networking problem"
- Previous message: Robert L [MS-MVP]: "Re: dhcp giving wrong ip address"
- In reply to: Phillip Windell: "Re: Problem with IIS 6.0"
- Next in thread: Phillip Windell: "Re: Problem with IIS 6.0"
- Reply: Phillip Windell: "Re: Problem with IIS 6.0"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
