IIS, Server Certificates & Redirection

IIS Server Security >> IIS, Server Certificates & Redirection

by KJ » Tue, 21 Jun 2005 04:37:14 GMT

hello,

i have a public website "http://site.domain.com" that attempts to
determine if the client is accessing the site from inside the corporate
firewall. if the client is connecting from inside the firewall we
redirect the client to "https:\\site\home". if the client is not
accessing the site from inside we prompt them to login and redirect
them to "https://site.domain.com/home".

when we redirect the user to the internal address they are told that
the server name on the certificate does not match the site name. the
name on the cert is the fully url "site.domain.com". the site names are
exactly the same, but on the internal we drop the full domain so we can
take advantage of integrated authentication. question is, how do we get
rid of the prompt? is it a matter of re-creating the cert or is there
some kind of setting in IIS to tell the browser that they are on the
correct site?

thanks.

Top

All, Here is the current situation: We have 4 security certificated by VeriSign. They are site-a.company.com, site-b.company.com, site-c.company.com, and site-d.company.com. We would like to have only one security certificate, site-a.company.com. Using 3 virtual directories that redirects to other internal servers, we would like to be able to access site-b.company.com via site-a.company.com/site-b, site-c.company.com via site-a.company.com/site-c, and site-d.company.com via site-a.company.com/site-d. The problem appears to be that when the redirection takes place from the virtual directory the client browser goes from site-a.company.com/site-b to site-b.company.com and picks up the security certificate to go with that site. It appears that the certificate is not traveling between servers, further, even if it would given no other certificates, it appears that the certificate will still yell at the user because the certificate is registered to site-a.company.com but the site name (because of the redirection) is site-b.company.com. Shahir Ahang

Hello, i want to implement a Windows 2003 PKI, but i have some problems. when i request a certificate to my enterprise issuing CA, through IIS server interface, I get the following message: "Error Your request failed. An error occurred while the server was processing your request. Contact your administrator for further assistance Request Mode: newreq - New Request Disposition: (never set) Disposition message: (none) Result: No mapping between account names and security IDs was done. 0x80070534 (WIN32: 1332) COM Error Info: CCertRequest::Submit No mapping between account names and security IDs was done. 0x80070534 (WIN32: 1332) LastStatus: No mapping between account names and security IDs was done. 0x80070534 (WIN32: 1332) Suggested Cause: No suggestions. " Thanks for informations.

I have two URL's that I want to host on a single server. However, I want them to go to separate directories within IIS when they are entered into the browser. For example, say my server name is websvr1 and the directories on the server are wdir and wdir1. If the URL's that resolve to websvr1 are site.domain.com and site1.domain.com, then this should happen: User enters SITE.DOMAIN.COM and should land in the wwwroot\wdir directory on websvr1 User enters SITE1.DOMAIN.COM and should land in the wwwroot\wdir1 directory on websvr1 I can set a default page for IIS, but then every request gets directed to that site, regardless of the URL that was entered. How can I accomplish my goal of having two different URL's that resolve to the same IIS server point to different directories? I'm running Win2k3, SP2. Thanks.

IIS Server Security, IIS, Server Certificates & Redirection

IIS Server Security >> IIS, Server Certificates & Redirection