INFO: Using Visual InterDev and Secure Sockets Layer

ID: Q238662

The information in this article applies to:

Microsoft Visual InterDev, versions 1.0, 6.0

SUMMARY

With Visual InterDev, you can use Secure Sockets Layer (SSL) to ensure privacy when designing Web sites. This article describes several issues you may encounter when using Visual InterDev and SSL.

MORE INFORMATION

Communication between Visual InterDev and the master Web server are performed using the FrontPage client libraries and the FrontPage server extensions, respectively. These libraries are also used by FrontPage 97 and FrontPage 98 if they are installed, and have limitations with regard to SSL.

Only Certain Certificate Authorities (CA) are Recognized

To enable SSL, a certificate must be installed onto the Web server. The version of the client libraries used by Visual InterDev and FrontPage 97 and later are hard coded to recognize only four specific CA public keys:

Verisign-Secure Server Certification Authority
RSA Data Security, Inc.
AT&T-Certificate Services
AT&T-Directory Services

Any certificate issued by a different is not recognized by Visual InterDev. This includes a certificate created by Microsoft Certificate Server. Test certificates from Verisign are also not recognized because they do not use Verisign's standard key-pair.

Only 40-bit Encryption Supported

If the Web server is configured to require 128-bit SSL connections, Visual InterDev is not able to connect. The client libraries are unable to negotiate SSL connections other than 40-bit.

High Bit Bug

In the FrontPage 97 version of the client libraries that originally shipped with Visual InterDev, a bug prevented a successful SSL handshake when the server certificate's public key began with a 1 in the high bit position. This problem has been fixed in the FrontPage 98 client libraries. To update the client libraries for Visual InterDev, install Visual Studio service pack 3 or greater or FrontPage 98.

Notes:
These limitations are not experienced by the browser. Browsers use WinInet to store new public keys and are not hard coded with a specific list of Certificate Authorities.

If you install FrontPage 2000 client, FrontPage 2000 server extensions, and Internet Explorer 5.x, then FrontPage 2000 will use WinInet to negotiate SSL connections. Any SSL connection that can be made by the browser can also be made by FrontPage 2000. Visual InterDev 1.0 and 6.0 are not designed to use the newer version of the client libraries and will experience the limitations of the older client libraries.

REFERENCES

For additional information, click the article numbers below to view the articles in the Microsoft Knowledge Base:

Q194449 FP98: Socket Code 13101 Error Opening, Creating New Web

Q236781 PRB: Client-Side Recordset When SSL Required Fails

Additional query words:

Keywords : kbExtension kbFrontPage kbServer kbVisID100 kbVisID600 kbVisID600bug kbVisID600fix kbGrpASP kbIDEProject kbDSupport kbFPServX
Version : WINDOWS:1.0,6.0
Platform : WINDOWS
Issue type : kbinfo