zoukankan      html  css  js  c++  java
  • Better, Faster, Easier SSL testing for ASP.NET MVC & WebForms

    ScottHa has a great blog Working with SSL at Development Time is easier with IISExpress, but I’ve got what I think is a better approach. Please weigh in.

    In this blog entry I’ll show you how to test SSL on your ASP.NET MVC & WebForms  applications using IIS 7. You should make sure you have IIS 7 set up on your Windows 7 computer before proceeding. See my blog Test your ASP.NET MVC or WebForms Application on IIS 7 in 30 seconds for instructions.

    Create a new ASP.NET MVC 3 Application called MvcSSL in the C:\Webs folder. Accept all the defaults.

    newMVCproj

    WARNING: IIS cannot run an ASP.NET project that has been created in the default Visual Studio project folder (C:\users\<user>\Documents\Visual Studio 2010\Projects). Select a folder where IIS can access the files, such as C:\Webs.

    Build and run the application.

    Right click the solution and select Properties.

    RightClickProject

    1. Select Web in the left pane.
    2. Under Servers, select the Use Local IIS Web server radio button.
    3. Select the Create Virtual Directory button.

    UseLocal_IIS_sm

    Should you get the message:

    Unable to create the virtual directory. To access Web sites on the local IIS Web server, you must run Visual Studio under an Administrator account.

    RunAsAdmin

    Read it and follow the directions and you’ll be rewarded with a friendlier message.

    vid_Success

    Now go back to IIS manager, refresh and drill down in the Default Web Site. Select Browse *:80(http) in the right pane.

    iisMgr

    Adding a SSL Cert the Super Ninja way.

    1. Download and unzip Thomas Demels awesome SelfSSL7 tool. Read about SelfSSL7 here.
    2. Open a administrative command prompt in the SelfSSL7 directory.
    3. Substitute your machine name for Q3 (which was my machine) and run the following command:
      SelfSSL7.exe /Q /T /I "Default Web Site" /N cn=Q3;cn=localhost /V 1000

    That’s it. You now have a self signed certificate for testing.

    Open Global.asax and add RequireHttps to all controllers and action methods.

    public static void RegisterGlobalFilters(GlobalFilterCollection filters) {            filters.Add(new RequireHttpsAttribute());             filters.Add(new HandleErrorAttribute());        }

    Build the application and refresh the browser. Note IIS Manager now includes the SSL port.

    iisMgr443

    https-IE

    Click on the lock icon to examine the certificate.

    CertDetails

    Next Steps

    Change the URL to use the machine name instead of localhost.

    Q1

    To access this site from a remote computer, you’ll probably have to open up port 443.

    To configure the firewall for HTTPS (port 443)

    1. From the Start menu, enter wf.msc

      Type_WF.msc
    2. In the console tree, click Inbound Rules, and then click New Rule.

      InboundNewRule
    3. In the Rule Type page, click Port, and then click Next.

      PortNext
    4. On the Protocols and Ports page, select TCP, and then click Specific local ports.  Enter port 443. Then click Next.

      port443

      5. On the Action page, click Allow the connection, and then click Next.

      allowTheCon

      6. On the Profile page, make sure that the Domain, Private, and Public check boxes are selected, and then click Next to accept the default profile.

      profile

      7. On the Name page, under Name,  type something like World Wide Web Services (Rick’s HTTPS Traffic-In).

      ricks_rule

    5. You can now test the the site from a remote computer, but it won’t be trusted.

      RemoteNotTrusted

    6. Export the certificate and import on a remote computer. Run the following command (change the computer name from Q1 to your computer).

    C:\Users\ricka\Downloads\SelfSSL7>SelfSSL7.exe /Q /T /I "Default Web Site" /N cn=Q1;cn=localhost /
    V 1000 /K 2048 /X /F q1.pfx /W 5$ecURE!

    • Navigate to the PFX file from a remote computer. Double click on the PFX file to start the import wizard.

      CertImportWiz
    • Select Next.

      2_FileToImport
    • Select Next and enter the password. (I used 5$ecURE! in the example).

      3_enterPW
    • Select Place all certificates in the following store, then select Browse.

      4_trustedStore
    • Click OK.

      Finish

    • Click Finish.

      ImportSuccessful
    • You should now be able to browse from the remote computer without warning.

    Testing with FireFox

    1. Using FireFox,, browse to the MvcSSL site. FireFox will issue a warning and not display the page.

      FF_untrusted
    2. Select Add Exception.

      FF_addSecurityException
    3. You can now browse to the site without a warning.

      browseFF

    Trackback:

    http://blogs.msdn.com/b/rickandy/archive/2011/04/22/better-faster-easier-ssl-testing-for-asp-net-mvc-amp-webforms.aspx

  • 相关阅读:
    如何搭建企业级中台系统
    Linux上安装git
    Jenkins的CI持续集成
    docker安装jenkins
    在线思维导图网站
    K8s容器编排
    MySQL存储引擎
    tomcat8 进入不了Manager App 界面 403 Access Denied
    IdeaVim-常用操作
    Node.js 安装及环境配置之 Windows 篇
  • 原文地址:https://www.cnblogs.com/hdjjun/p/2578145.html
Copyright © 2011-2022 走看看