Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
http.sys & ssl on ssllabs get C rating (vulnerable)
(11-27-2018, 02:12 PM)kudzu Wrote: .NET service? Do you mean the SA Service?

Sorry if I was unclear. I meant a custom Windows service we implemented in .NET which implements a REST web service interface accessed via https. Unlike our IW standalone web applications running on the same machine (which use OpenSSL and *.pem certificate files), it binds to a SSL certificate imported into the Windows certificate store (actually the same certificate in another format). From the SSL security configuration point of view, it is similar to an IW web application running under IIS. I just wanted to share my view that while there can be advantages to using IIS and Windows built-in SSL support, there can also be disadvantages that you might want to consider.

Messages In This Thread
RE: http.sys & ssl on ssllabs get C rating (vulnerable) - by magosk - 11-27-2018, 02:34 PM

Forum Jump:

Users browsing this thread: 2 Guest(s)