Is there a way to set different TLS cipher suites as server and as client separately?
Hi, I have an ASP .Net app hosted on IIS, Windows Server. The app needs to call external web APIs. For the app, I would like to set only a few secure TLS cipher suites as a server, but the app needs to use other (not so secure) cipher suites as a client for the external APIs. https://docs.microsoft.com/en-us/windows-server/security/tls/manage-tls configuration works for both of server and client. Is there a way to set different TLS cipher suites as server and as client separately?
IIS strange NT AUTHORITY\ANONYMOUS LOGON with Chrome browsers
I need some help troubleshooting why, when using a Chrome browser user gets error Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON' while using an Edge browser users do not. I have multiple web application hosted on that server, all intranet based using windows authentication with impersonation. Another strange observation, when Chrome users connect to the web app they receive this error, now if they open same site in Edge, they authenticate just fine and then on refreshing the Chrome browser they are able to authenticate in Chrome.... I have a few users that can't connect in either browser. Here is my configuration. Using IIS 10 and SQL Server. The app and db servers have Kerberos enabled using a service account. Some key IIS settings: App Pool - V4.0 Classic using service account, provisioned for Kerberos. Load user Profile is set to False Authentication: (The following are enabled) ASP.NET Impersonation - Identity to Impersonate - Authenticated User Windows Authentication - Advanced Settings Accept Extended Protection and Enable Kernel-mode auth Providers set to Negotiate then NTLM App Settings: system.webServer/security/authentication/windowsAuthentication authPersistSingleRequest = False Enabled = True useAppPoolCredentials = True userKernelMode = True Any guidance greatly appreciated. Andre Full Error: Server Error in '/' Application. Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Data.SqlClient.SqlException: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. Stack Trace: [SqlException (0x80131904): Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.] System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, UInt32 waitForMultipleObjectsTimeout, Boolean allowCreate, Boolean onlyOneCheckConnection, DbConnectionOptions userOptions, DbConnectionInternal& connection) +345 System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal& connection) +156 System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection) +258 System.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions) +312 System.Data.SqlClient.SqlConnection.TryOpenInner(TaskCompletionSource`1 retry) +202 System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry) +413 System.Data.SqlClient.SqlConnection.Open() +128 GATES2._0.Helpers.CurrentReviewPeriodMonth() in C:\Users\myusername\Documents\Visual Studio 2019\GATES 2.0\GATES2.0\GATES2.0\Helpers.cs:2187 GATES2._0.Default.Page_Load(Object sender, EventArgs e) in C:\Users\myusername\Documents\Visual Studio 2019\GATES 2.0\GATES2.0\GATES2.0\Default.aspx.cs:71 System.Web.UI.Control.OnLoad(EventArgs e) +106 System.Web.UI.Control.LoadRecursive() +68 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3785 Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.7.3770.0
Cookieless browsing broken after update KB4580979
Upon running Windows Update KB4580979, .Net 4.7.2 projects that have the SessionStateSection.Cookiless Property set to AutoDetect no longer functions as expected. Previously, a browser that blocked cookies would be redirected to the same page with the querystring /default.aspx?AspxAutoDetectCookieSupport=1 and upon the system detecting that cookies were not supported it would redirect again to a cookiless session URL e.g. /(X(1)S(adl04pietheradyfawfaqlym))/default.aspx?AspxAutoDetectCookieSupport=1 Since the update, a browser would continously be redirected to /default.aspx?AspxAutoDetectCookieSupport=1 until the redirects exceeded the maximum redirects. Relevant Web.config section: <configuration> <system.web> <sessionState cookieless="AutoDetect" /> </system.web> </configuration> Windows Server 2019 DataCenter Version 1809 OS Build 17763.1369