ssl - IIS Central Cert Store - Outbound Traffic


I have an F5 load-balanced 4-server cluster environment I'm building, and I'm looking to centralize our certificates to prevent needing to install them on every server. Windows 2012 / IIS 8 seems to have centralized certificates, to secure the endpoint in IIS for inbound traffic.

What about outbound traffic? When initiating TLS transactions with external entities, I need a way to store these on a single server, and have each of the IIS boxes "tap into" that cert store for the private and public keys necessary to send a TLS message.

Any suggestions?

You're looking for an HSM. F5 supports them, and IIS supports a few major vendors (Thales and SafeNet both have IIS-supported HSMs). They're not cheap, but remember that's what you're looking for.

If you don't want to go that route, you can opt for the dirty solution of using the BIG-IP cert store and relying on self-signed certs on the IIS pool members.

Inbound: incoming traffic terminates on the BIG-IP using a valid CA-signed cert in the SSL client profile. The BIG-IP re-encrypts to IIS using a generic SSL server profile. Not pretty, but it works.

Outbound: you have to use the BIG-IP as the default gateway of the IIS server so you can direct outbound TLS to the BIG-IP instead of from IIS directly.

DevCentral: SSL acceleration - can it encrypt outbound traffic

Hope this helps.

-Chase
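The question refers to the IIS 8 centralized certificate store for the inbound side; the PowerShell below shows how that store is enabled on one pool member and how an HTTPS binding picks its certificate from it, so the .pfx only has to live on the share rather than on every server. This is an added example, not code from the post, from Microsoft, or from F5; the share path `\\certshare\ccs`, the service account `CONTOSO\svc-iis-ccs` and the hostname `www.example.com` are placeholders. It only addresses inbound traffic; the outbound case still needs the BIG-IP default-gateway approach described in the answer.

```powershell
# Added example (not from the original post): enable the IIS 8 Central Certificate Store
# on one pool member and bind a site to it.
# Assumptions (placeholders, not from the page):
#   \\certshare\ccs      - UNC share holding the .pfx files, readable by every pool member
#   CONTOSO\svc-iis-ccs  - account IIS uses to read that share
#   www.example.com      - site hostname; CCS expects the file to be named www.example.com.pfx
# Run elevated on each IIS 8 / Windows Server 2012 pool member.

Import-Module WebAdministration

# The Centralized SSL Certificate Support role service must be present before the cmdlets work.
Install-WindowsFeature Web-CertProvider | Out-Null

$share    = '\\certshare\ccs'
$ccsUser  = 'CONTOSO\svc-iis-ccs'
$hostName = 'www.example.com'

# Prompt for secrets instead of hard-coding them in the script.
$ccsPassword = Read-Host -AsSecureString -Prompt "Password for $ccsUser"
$pfxPassword = Read-Host -AsSecureString -Prompt "Private key password for the .pfx files"

# Enable-WebCentralCertProvider takes plain strings for its password parameters.
$ccsPlain = [Runtime.InteropServices.Marshal]::PtrToStringAuto(
    [Runtime.InteropServices.Marshal]::SecureStringToBSTR($ccsPassword))
$pfxPlain = [Runtime.InteropServices.Marshal]::PtrToStringAuto(
    [Runtime.InteropServices.Marshal]::SecureStringToBSTR($pfxPassword))

# Point IIS on this node at the shared store; nothing is imported into the local machine store.
Enable-WebCentralCertProvider -CertStoreLocation $share -UserName $ccsUser `
    -Password $ccsPlain -PrivateKeyPassword $pfxPlain

# Checks: the provider is enabled, the share is reachable, and the expected .pfx is present.
Get-WebCentralCertProvider
if (-not (Test-Path $share)) {
    throw "Central cert share $share is not reachable from $env:COMPUTERNAME"
}
if (-not (Test-Path (Join-Path $share "$hostName.pfx"))) {
    throw "Expected $hostName.pfx in $share; CCS matches certificates to bindings by file name"
}

# HTTPS binding that resolves its certificate from the central store.
# SslFlags 2 = Central Certificate Store (3 = SNI + CCS); no local certificate is attached.
New-WebBinding -Name 'Default Web Site' -Protocol https -Port 443 -HostHeader $hostName -SslFlags 2

# Confirm the binding exists and carries the CCS flag.
Get-WebBinding -Name 'Default Web Site' -Protocol https |
    Select-Object bindingInformation, sslFlags
```

Because the share now holds private keys, restrict its NTFS and share ACLs to the CCS service account and the administrators who rotate certificates, and treat the private-key password as a secret in its own right. Renewing a certificate is then a matter of replacing the .pfx on the share; the pool members pick it up without a redeploy.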

