Closed jamiejamie closed 11 years ago
Hm - hard to tell. Have you tried v2?
Will try it.
any news?
FYI, I finally got around to debugging this. I found the issue to be that the firewall was terminating SSL connection before routing to the server. Admin swears it is not, but IIS log clearly shows that the request is coming in on port 80, not 443. This caused the SslRedirectFilter to redirect to SSL and the loop continued until the browser finally aborted.
line 19 from SslRedirectFilter: if (!filterContext.HttpContext.Request.IsSecureConnection)
OK. thanks for the update.
I have Identity Server (v1) installed on a demo server (2008 SP2--no R2) with IIS7 and a wildcard cert from a trusted cert authority. When attempting to navigate to the STS from a machine that's not on the same domain, it gets into a redirect loop. Eventually, the browser aborts. I have no problems accessing the site from a machine that is on the same domain. Windows auth is not enabled.
Can anyone point me to something I may have misconfigured? Is there a problem with use of a wildcard cert?
Here's what I'm seeing in Fiddler: 1st request: CONNECT sts.mydomain.com:443 HTTP/1.0 User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0) Host: sts.mydomain.com Content-Length: 0 DNT: 1 Connection: Keep-Alive Pragma: no-cache
A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.