Hello all!
Another concept / question for everyone.
I have the follwing scenario - 2 IIS 6 web servers (A and B) and one client. Each web server has its own SSL certificate assigned to it. Server A holds authentication information as well as the IP and certificate required to connect to server B. My client wants to access files on server B. All requests are done via web services.
Thus, the client app requests information from server A using the certificate for server A to decrypt the IP/certificate object for server B.
Then, a connection is made to the web services on the IP for server B using the certificate for that server that was provided by server A.
I need to do it this way because I have a single authentication server that will hold access to multiple data servers - each with different certificates.
Questions.
1. Can I embed the certificate for server A in the code of the client app rather than having to initially download it?
2. How do I "install" the certificate for server B when it's being done via web services?
3. Is there a way to remove the certificate for server B or make it expire after a random time after closing the connection?
Okay - I've been scouring the internet and have a couple of books by Apress and MSPress - they show how to use a certificate in a web app and force web services over an SSL - just not how to do it dynamically. Any ideas?
thanx in advance,
inzo
Another concept / question for everyone.
I have the follwing scenario - 2 IIS 6 web servers (A and B) and one client. Each web server has its own SSL certificate assigned to it. Server A holds authentication information as well as the IP and certificate required to connect to server B. My client wants to access files on server B. All requests are done via web services.
Thus, the client app requests information from server A using the certificate for server A to decrypt the IP/certificate object for server B.
Then, a connection is made to the web services on the IP for server B using the certificate for that server that was provided by server A.
I need to do it this way because I have a single authentication server that will hold access to multiple data servers - each with different certificates.
Questions.
1. Can I embed the certificate for server A in the code of the client app rather than having to initially download it?
2. How do I "install" the certificate for server B when it's being done via web services?
3. Is there a way to remove the certificate for server B or make it expire after a random time after closing the connection?
Okay - I've been scouring the internet and have a couple of books by Apress and MSPress - they show how to use a certificate in a web app and force web services over an SSL - just not how to do it dynamically. Any ideas?
thanx in advance,
inzo