| Author |
Report of pages set with SSL
|
|
|
| Hello. Is there a way to create a report of all pages on a web site that are
set to use SSL encryption?
Thanks
Doug
If replying to me directly, remove REMOVE from my email address.
| |
| Ratatooie 2005-11-01, 6:08 pm |
|
"Doug" <dgeiste@REMOVEsnet.net> wrote in message
news:AjL9f.1217$p37.262@newssvr17.news.prodigy.com...
> Hello. Is there a way to create a report of all pages on a web site that
> are set to use SSL encryption?
>
> Thanks
> Doug
>
> If replying to me directly, remove REMOVE from my email address.
>
No.
You are thinking about it backwards.
SSL using the HTTPS protocol is requested by the browser. It is not
something automatically sent by the server. You can however check for
hyperlinks to pages you want secured and make sure they are using "HTTPS".
There is nothing inherent about the file or the server mapping of the file
that can establish "securedness". The user either requests the file in
secured mode or not.
You CAN do a systematic search with various tools for links, though I know
of none that will spider a site completely and look for HTTPS links over
HTTP links and generate a "report". You can instruct the server to refuse
traffic unless it's using HTTPS, or you can use a redirect script (ASP for
example) to force a request by the browser...
| |
| Consultant 2005-11-01, 6:08 pm |
| i would imagine he is asking to do this for a site on a web server he
manages.
"Ratatooie" <jafiwam@MuNGEDyahoo.com> wrote in message
news:43679837$1_3@newspeer2.tds.net...
>
> "Doug" <dgeiste@REMOVEsnet.net> wrote in message
> news:AjL9f.1217$p37.262@newssvr17.news.prodigy.com...
>
> No.
>
> You are thinking about it backwards.
>
> SSL using the HTTPS protocol is requested by the browser. It is not
> something automatically sent by the server. You can however check for
> hyperlinks to pages you want secured and make sure they are using "HTTPS".
>
> There is nothing inherent about the file or the server mapping of the file
> that can establish "securedness". The user either requests the file in
> secured mode or not.
>
>
> You CAN do a systematic search with various tools for links, though I know
> of none that will spider a site completely and look for HTTPS links over
> HTTP links and generate a "report". You can instruct the server to refuse
> traffic unless it's using HTTPS, or you can use a redirect script (ASP for
> example) to force a request by the browser...
>
>
>
| |
| David Wang [Msft] 2005-11-02, 2:48 am |
| I am not aware of any tool nor built-in functionality to do this, but it is
definitely doable by writing a little bit of code.
All you need to do is look for the AccessSSLFlags property in IIS that is
not zero, and then do a URL-to-Physical mapping to report which physical
files are affected by the AccessSSLFlags property.
--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Doug" <dgeiste@REMOVEsnet.net> wrote in message
news:AjL9f.1217$p37.262@newssvr17.news.prodigy.com...
Hello. Is there a way to create a report of all pages on a web site that are
set to use SSL encryption?
Thanks
Doug
If replying to me directly, remove REMOVE from my email address.
| |
|
| Thanks! I'll give it a try.
"David Wang [Msft]" <someone@online.microsoft.com> wrote in message
news:u2kuG813FHA.128@tk2msftngp13.phx.gbl...
>I am not aware of any tool nor built-in functionality to do this, but it is
> definitely doable by writing a little bit of code.
>
> All you need to do is look for the AccessSSLFlags property in IIS that is
> not zero, and then do a URL-to-Physical mapping to report which physical
> files are affected by the AccessSSLFlags property.
>
> --
> //David
> IIS
> http://blogs.msdn.com/David.Wang
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
> //
> "Doug" <dgeiste@REMOVEsnet.net> wrote in message
> news:AjL9f.1217$p37.262@newssvr17.news.prodigy.com...
> Hello. Is there a way to create a report of all pages on a web site that
> are
> set to use SSL encryption?
>
> Thanks
> Doug
>
> If replying to me directly, remove REMOVE from my email address.
>
>
>
>
| |
|
| Late reply. Exactly what I'm looking for. A list of all pages that I've set
for SSL on the server.
"Consultant" <consultant_mcngp@yahoo.com> wrote in message
news:OqsROZw3FHA.3568@TK2MSFTNGP10.phx.gbl...
>i would imagine he is asking to do this for a site on a web server he
>manages.
>
>
>
> "Ratatooie" <jafiwam@MuNGEDyahoo.com> wrote in message
> news:43679837$1_3@newspeer2.tds.net...
>
>
>
| |
| David Wang [Msft] 2005-12-08, 7:53 am |
| You can do this lookup with:
ADSUTIL.VBS FIND AccessSSLFlags
It returns all nodes that have SSL enabled. The hard part is to look through
all child nodes of nodes that have AccessSSLFlags set and then their
URL-to-Physical Mapping to determine all files that have SSL enabled for
them. It's basically stepping through everything IIS does to serve an SSL
page -- except IIS never needs to do this at any time because IIS is only
asked for one page at a time -- whereas you are interested in knowing all
possible pages with SSL enabled (hence you need to do extra work).
--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Doug" <dgeiste@REMOVEsnet.net> wrote in message
news:K%Nlf.146$iv.99@newssvr17.news.prodigy.com...
Thanks! I'll give it a try.
"David Wang [Msft]" <someone@online.microsoft.com> wrote in message
news:u2kuG813FHA.128@tk2msftngp13.phx.gbl...
>I am not aware of any tool nor built-in functionality to do this, but it is
> definitely doable by writing a little bit of code.
>
> All you need to do is look for the AccessSSLFlags property in IIS that is
> not zero, and then do a URL-to-Physical mapping to report which physical
> files are affected by the AccessSSLFlags property.
>
> --
> //David
> IIS
> http://blogs.msdn.com/David.Wang
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
> //
> "Doug" <dgeiste@REMOVEsnet.net> wrote in message
> news:AjL9f.1217$p37.262@newssvr17.news.prodigy.com...
> Hello. Is there a way to create a report of all pages on a web site that
> are
> set to use SSL encryption?
>
> Thanks
> Doug
>
> If replying to me directly, remove REMOVE from my email address.
>
>
>
>
|
|
|
|