Wednesday, February 23, 2011

WIF : Self signed certificates

With WIF and ADFS, certificates cause endless problems.

The solution for IIS 7 is to use SelfSSL7.

It's a command-line application, e.g.

USAGE:
SELFSSL7.EXE [/N cn=name] [/K size] [/V days] [/T] [/I] [/S name] [/A IPAddress] [/P port] [/X] [/F file] [/W password] [/Q]

CERTIFCATE PARAMETERS:
/N name Specifies the common name(s) of the certificate.
Computer name is used if not specified.
Example: /N cn=m1.contoso.com or /N cn=m1.contoso.com;cn=m2.contoso.com
/K size Specifies the key length. Default is 1024.
/V days Specifies the validity of the certificate in days.
Default is 30 days.

TRUST PARAMETERS:
/T Adds the self-signed certificate to user's "Trusted Certificates" list.

IIS PARAMETERS:
/I Add SSL binding to IIS.
Use with the following parameters:
/S name Specifies the name of the site. Default is "Default Web Site".
/A IP Specifies the IP address for the IIS binding. Default is *.
/P port Specifies the SSL port. Default is 443.

EXPORT PARAMETERS:
/X Export certificate to PFX file.
Use with the following parameters:
/F PFX file location.
/W password for PFX file.

OTHER PARAMETERS:
/Q Overwrites existing SSL binding and/or PFX file.

The default behavior is equivalent with:
selfssl7.exe /N cn="machine name" /K 1024 /V 30 /I /S "Default Web Site" /P 443 /A * /T


I normally use:

SelfSSL7 /V 90 /Q /X /F c:\xxx\Cert.pfx /W password /T

Enjoy!
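
The usage text above lists defaults of /K 1024 and /V 30, so it is worth checking what actually ended up in the exported PFX before binding it or handing it to WIF/ADFS. The PowerShell below is an added example, not part of the original post or of SelfSSL7; the path, the 2048-bit minimum and the 14-day warning window are assumptions to adjust.

```powershell
# Added example (not from the original post). Reports the certificate
# properties that SelfSSL7's /N, /K and /V switches control in an exported PFX.
$PfxPath    = 'C:\path\to\Cert.pfx'   # placeholder path, replace with your /F value
$MinKeyBits = 2048                    # assumed minimum key size, adjust to policy
$WarnDays   = 14                      # assumed renewal warning window

# Prompt for the PFX password so it is not typed on the command line.
$password = Read-Host -Prompt 'PFX password' -AsSecureString

# X509Certificate2 has a (string fileName, SecureString password) constructor.
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($PfxPath, $password)

# GetRSAPublicKey returns $null when the certificate does not carry an RSA key.
$rsa      = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($cert)
$bits     = if ($rsa) { $rsa.KeySize } else { $null }
$daysLeft = [int][math]::Floor(($cert.NotAfter - (Get-Date)).TotalDays)

[pscustomobject]@{
    Subject       = $cert.Subject
    Thumbprint    = $cert.Thumbprint
    # Heuristic: a self-signed certificate names itself as its issuer.
    SelfSigned    = ($cert.Subject -eq $cert.Issuer)
    KeyBits       = $bits
    NotBefore     = $cert.NotBefore
    NotAfter      = $cert.NotAfter
    DaysLeft      = $daysLeft
    HasPrivateKey = $cert.HasPrivateKey
} | Format-List

if ($null -eq $bits) {
    Write-Warning 'Not an RSA key; key size was not checked.'
} elseif ($bits -lt $MinKeyBits) {
    Write-Warning "Key is $bits bits, below $MinKeyBits. Re-issue with a larger /K value."
}

if ($daysLeft -lt 0) {
    Write-Warning "Certificate expired $(-$daysLeft) day(s) ago."
} elseif ($daysLeft -lt $WarnDays) {
    Write-Warning "Certificate expires in $daysLeft day(s); re-issue with a suitable /V value."
}

if (-not $cert.HasPrivateKey) {
    Write-Warning 'PFX contains no private key, so it cannot back an SSL binding.'
}
```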

ADFS : Re-installing ADFS v2.0

Had a number of problems with this so decided to remove ADFS and re-install.

Un-installed it via Control Panel, removed the web site from IIS (Default Web Site) and deleted the adfs directory under inetpub.

When I ran the wizard again, all components correctly installed but the wizard complained that it found the web site so could not re-install. The message was "Existing web site detected".

WTF - I removed everything.

Mr. Google to the rescue and eventually I found the solution.

You need to run the command:

appcmd delete app "Default Web Site/adfs/ls"

and

appcmd delete app "Default Web Site/adfs/card"

"appcmd" runs under the command prompt and is found under "C:\Windows\System32\inetsrv".

Enjoy!

Friday, February 04, 2011

LINQ : LINQPad sample not a valid zip file

Under the Samples tab in LINQPad, you can download more samples.

When I clicked this, I got an error telling me that the file in ...\AppData\Local\Temp\LINQPad was not a valid zip file.

WTF?

So I ran up the estimable Fiddler in order to see what was happening and when I tried it, it all worked!

Somehow, putting Fiddler in the middle fixes the problem.

Bizarre, but all's well that ends well!

Enjoy!