I have a webservice running on my computerusing IIS 5.1. Is there a way to secure my connection whencalling my webservice?I know that if I use server certificate Ineed to run a webserver and needa .net or a .com website. Is there aworkaroundthat I do not have todo this?Currently, I use my public IP address to callthe webservices from my machine. Post Edited (jrkkm) : 5/1/2006 6:53:26 PM GMT
The easiest and cheapest way would be to use SelfSSL and secure your server that way...no domain needed...just a warning box will pop up on clients until they trust your site. Then, once everything is functioning via SSL, I simply have users pass in a userid and password with each request...and validate it each time. I know there may be better ways (read: more efficient) but this works just fine and I can return valid data if a user is authenticated and an empty dataset if the validation fails...it is up to the client (or your software/web ap) to handle what is returned. Have fun.
Thanks! Probably I will try that. I already did the userid and password validation on my webservice. Is there any site you recommend on creating a SelfSSL?
I read more about SelfSSL and it looks like it will only work with IIS 6.0. I am using Windows XP Professional which uses IIS 5.1
i suggest you get a cheap SSL like http://www.rapidssl.com/index_ssl.htm Bruce DiscountASP.NET www.DiscountASP.NET
How about Web Services Enhancements (WSE)? Has anybody used this? I know that discountASP.net supports WSE 3.0 but can I use WSE 2.0 sp3 on my webservice?
WSE 2.0 SP3 and WSE 3.0 are both installed on the web servers. So you can use either. If you are going to be using an X509 certificate for encryption it would have to be installed on the server. DiscountASP can install custom certificates, but it has to be issued to [name].YourHostedDomainName.com. Contact the support team for more details. Aristotle DiscountASP.NET www.DiscountASP.NET
