Sorry I didn't get to this yesterday, Patrice. You guessed the problem correctly - a "self-signed SSL certificate" will crash a .NET remoted application. It is not obvious that you need to install all of the certificates (typically there are 2 certs - the Root Authority and the server) of the "Certification Path" onto the client computer.
The certificate publisher - the computer that generated the self-signed SSL certificate - needs to be trusted by the client computer by having its certificate installed into the "Trusted Root Certification Authorities" store of the "Current User" on the client computer (for test purposes I would not use the "Local Computer" certificate store for self-signed certificate root authorities).
The reason for this is:
All authentication must be transparent to the operating system in .NET remoting.
What does this mean?
- .NET remoting does not allow any interception of the client's communication to the server (it considers this a security breach)
- the client application will fail if any message box or dialog box appears requesting credentials (login box) or confirmation to continue connection (unknown SSL certificate publisher), and the only way to avoid this is by utilizing "pass-through" or "transparent" authentication, such as Windows Integrated, to the proxy server or in the case of SSL: use a certificate which is automatically recognized by the operating system, such as a Verisign SSL certificate
- .NET remoting can also fail if authentication is performed by a third-party application, such as a proxy/firewall/Internet Security application, which only provides transparent authentication to certain processes or applications and not to the entire operating system
Most of the time, you can tell if the client computer is using some type of pass-through authentication when the Internet browser is able to connect (download a webpage) without a login box or warning box appearing during the browser application startup.
Test the Client Computer: If you install the certificates correctly on the client computer, you should be able to browse a webpage on the test server using SSL (https://) without a security warning message box appearing.
Of course, it really helps to have a network admin on site to show you how to configure all of the above ;)
If you still have trouble getting past the step (marked in red), let me know and I will put together a step-by-step post.
Thanks for using DevForce,
Josh
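
The browser test described in the post above can also be run as a small console check that shows which certificates the client sees in the "Certification Path" and whether the operating system accepts them without a prompt. This is an added example, not code from the post or from DevForce; the host name `testserver.example` is a placeholder, and the callback only reports the result, it never overrides the operating system's decision.

```csharp
using System;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;

static class CertTrustCheck
{
    // True if the certificate is found when opening the Current User
    // "Trusted Root Certification Authorities" store.
    static bool InCurrentUserRoot(X509Certificate2 cert)
    {
        var store = new X509Store(StoreName.Root, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        try { return store.Certificates.Find(X509FindType.FindByThumbprint, cert.Thumbprint, false).Count > 0; }
        finally { store.Close(); }
    }

    // Validation callback: prints the chain the client built and the OS verdict.
    static bool Report(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors)
    {
        if (chain != null && chain.ChainElements.Count > 0)
        {
            foreach (X509ChainElement e in chain.ChainElements)
                Console.WriteLine("  {0}  [{1}]", e.Certificate.Subject, e.Certificate.Thumbprint);
            foreach (X509ChainStatus s in chain.ChainStatus)
                Console.WriteLine("  chain status: {0}", s.Status);
            var top = chain.ChainElements[chain.ChainElements.Count - 1].Certificate;
            Console.WriteLine("  top of chain found in Current User root store: {0}", InCurrentUserRoot(top));
        }
        Console.WriteLine("  policy errors: {0}", errors);
        return errors == SslPolicyErrors.None; // accept only what the OS already trusts
    }

    static int Main(string[] args)
    {
        string host = args.Length > 0 ? args[0] : "testserver.example"; // placeholder host
        int port = args.Length > 1 ? int.Parse(args[1]) : 443;
        try
        {
            using (var tcp = new TcpClient(host, port))
            using (var ssl = new SslStream(tcp.GetStream(), false, Report))
                ssl.AuthenticateAsClient(host);
            Console.WriteLine("TRUSTED: handshake completed with no policy errors.");
            return 0;
        }
        catch (AuthenticationException ex)
        {
            Console.WriteLine("NOT TRUSTED: " + ex.Message);
            return 1;
        }
    }
}
```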