Get SSL Session ID in asp.net

Question

Get SSL Session ID in asp.net

Is there a way to get the id id of an id server in asp.net?

+3

ssl asp.net

Tim mahy May 12, '10 at 9:05

source share

2 answers

,

, , SSL? , "InProc", cookie , .

, SQL Server Web.config, :

<sessionState mode="SQLServer"
   cookieless="true"
   regenerateExpiredSessionId="true"
   timeout="30"
   sqlConnectionString="Data Source=MySqlServer;Integrated Security=SSPI;"
   stateNetworkTimeout="30" />

, , HttpContext.Current.Session.SessionID SSL.

MSDN:

, -.

0

thmshd 21 '10 7:18

Warren Rumak · Accepted Answer · 2010-05-21T19:59:36+0000

the short answer is no. This is a deliberate limitation of IIS so that people are not dependent on something that is not reliable.

You will find various hardware load balancers on the market that will offer features such as server persistence based on SSL session identifier, but they do not work very well because SSL renegotiation can happen at any time. For example, in Internet Explorer 8, a new SSL session is negotiated for each tab that is opened on a website. You can expect similar behavior from other multiprocessor browsers. Therefore, I must emphasize that you should not use an SSL session identifier for any purpose of user identification.

: SSL - , Apache, mod_ssl mod_proxy IIS. mod_ssl , - IIS .... .

Get SSL Session ID in asp.net

More articles: