We deploy a ASP.NET 1.1 web app by creating a new website.  The entire
website is set to SSL.  We are hearing back from our operations people, it
then is not possible to turn off SSL for a few directories under the
website.

Shouldn't it be possible to go into the directories and turn off Require
Secure Channel?

The way we have gotten by this in the past is to not secure the whole
website and go through every folder we want to use SSL and turn on Require
Secure Channel but this takes quite a bit of time.

[ Post a follow-up to this message ]

Your operations people are mistaken.

IIS is flexible. It allows either:
1. All directories require SSL EXCEPT for specific named ones
2. All directories work with HTTP and SOME specific named ones require SSL

The right choice? Depends on which is easiest and makes sense for you.

It sounds like you rather default to require SSL except for some specific
directories... which is easily supported by IIS.

--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//

"Kevin Jackson" <kjackson@powerwayinc.com> wrote in message
news:u0qwrWLPGHA.344@TK2MSFTNGP11.phx.gbl...
> We deploy a ASP.NET 1.1 web app by creating a new website.  The entire
> website is set to SSL.  We are hearing back from our operations people, it
> then is not possible to turn off SSL for a few directories under the
> website.
>
> Shouldn't it be possible to go into the directories and turn off Require
> Secure Channel?
>
> The way we have gotten by this in the past is to not secure the whole
> website and go through every folder we want to use SSL and turn on Require
> Secure Channel but this takes quite a bit of time.
>
>
>

[ Post a follow-up to this message ]

David,

So if SSL is turned on at the site level, we should still be able to go to
various files and directories and turn it off right?


"David Wang [Msft]" <someone@online.microsoft.com> wrote in message
news:uAQliITPGHA.2604@TK2MSFTNGP09.phx.gbl...
> Your operations people are mistaken.
>
> IIS is flexible. It allows either:
> 1. All directories require SSL EXCEPT for specific named ones
> 2. All directories work with HTTP and SOME specific named ones require SSL
>
> The right choice? Depends on which is easiest and makes sense for you.
>
> It sounds like you rather default to require SSL except for some specific
> directories... which is easily supported by IIS.
>
> --
> //David
> IIS
> http://blogs.msdn.com/David.Wang
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
> //
>
> "Kevin Jackson" <kjackson@powerwayinc.com> wrote in message
> news:u0qwrWLPGHA.344@TK2MSFTNGP11.phx.gbl... 
>
>

[ Post a follow-up to this message ]

Yup. It's simply the way the IIS configuration system works.

Values set at the parent node (i.e. site level) automatically inherit to the
children node UNLESS specifically overriden at the children node (i.e.
various files/directories).

So if you set any property globally or per-site, it automatically applies
everywhere UNLESS some child node decides to override it with another value.

--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//

"Kevin Jackson" <kjackson@powerwayinc.com> wrote in message
news:%23tm43mTPGHA.1040@TK2MSFTNGP12.phx.gbl...
> David,
>
> So if SSL is turned on at the site level, we should still be able to go to
> various files and directories and turn it off right?
>
>
> "David Wang [Msft]" <someone@online.microsoft.com> wrote in message
> news:uAQliITPGHA.2604@TK2MSFTNGP09.phx.gbl... 
>
>

[ Post a follow-up to this message ]