Microsoft KB Archive/238662

= INFO: Using Visual InterDev and Secure Sockets Layer =

Article ID: 238662

Article Last Modified on 12/3/2001

-

APPLIES TO


 * Microsoft Visual InterDev 1.0 Standard Edition
 * Microsoft Visual InterDev 6.0 Standard Edition

-



This article was previously published under Q238662



SUMMARY
With Visual InterDev, you can use Secure Sockets Layer (SSL) to ensure privacy when you design Web sites. This article describes several issues that you may encounter when you use Visual InterDev and SSL.



MORE INFORMATION
Communication between Visual InterDev and the master Web server are performed using the FrontPage client libraries and the FrontPage server extensions, respectively. Microsoft FrontPage 97 and FrontPage 98 also use these libraries if they are installed and have limitations with regard to SSL.

Only Certain Certificate Authorities (CA) are Recognized
To enable SSL, a certificate must be installed onto the Web server. The version of the client libraries that Visual InterDev and FrontPage 97 and later use are hard coded to recognize only four specific Certificate Authority (CA) public keys:
 * VeriSign Secure Server Certification Authority
 * RSA Data Security, Inc.
 * AT&T Certificate Services
 * AT&T Directory Services

Visual InterDev does not recognize any certificate that a different Certificate Authority issues, including a certificate that Microsoft Certificate Server creates. In addition, Visual InterDev does not recognize test certificates from VeriSign because these test certificates do not use VeriSign's standard key-pair.

NOTE: The browser does not encounter these limitations. Browsers use WinInet to store new public keys and are not hard coded with a specific list of Certificate Authorities.

NOTE: If you install FrontPage 2000 client, FrontPage 2000 server extensions, and Internet Explorer 5.x, then FrontPage 2000 uses WinInet to negotiate SSL connections. FrontPage 2000 can make any SSL connection that the browser can make. Visual InterDev versions 1.0 and 6.0 are not designed to use the newer version of the client libraries and will experience the limitations of the older client libraries.

Only 40-bit Encryption Supported
If the Web server is configured to require 128-bit SSL connections, Visual InterDev cannot connect. The client libraries cannot negotiate SSL connections other than 40-bit.

High Bit Bug
In the FrontPage 97 version of the client libraries that originally shipped with Visual InterDev, a bug prevented a successful SSL handshake when the server certificate's public key began with a "1" in the high bit position. This problem has been fixed in the FrontPage 98 client libraries. To update the client libraries for Visual InterDev, install Visual Studio Service Pack 3 or later or FrontPage 98.

