Rank: Member
Joined: 6/11/2005(UTC)
Posts: 7
|
I downloaded and installed (BVC2004Lite) and is installed and working on my server. But when I enable the SSL to use Secure Socket Layers checkbox and clicked the save button. I receive the Following Error message: (Below) After seeing the error message I quickly clicked on the Cancel button not to lock myself out. Not sure what to try??? Any advice / Help would be appreciated...Thank You.
_______________________________________________________________________________
Error Message:
Access to the path "E:\Websites\CDIslandCommerce\web.config" is denied.
mscorlib
at System.IO.__Error.WinIOError(Int32 errorCode, String str) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, Boolean useAsync, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) at System.Xml.XmlDocument.Save(String filename) at configuration_security.WriteWebConfigSetting(String standardURL, String secureURL)
The system was unable to update the web.config file. This may be due to lack of permissions for the ASPNET account. You will need to manually update the connection string setting in your web.config file.
______________________________________________________________________________________________________________________________________________________________________________
The Server is running Windows 2003, Framework 1.1 and has SSL Certificate install. Does anyone have an idea what can be done to correct this problem? Has anyone else ran into this problem?
|
|
|
|
|
|
Rank: Member
Joined: 8/1/2007(UTC)
Posts: 310
|
IN BVC 2004, the SSL and non-SSL URLs are stored in the web.config file. So every time you make a change to the SSL settings within BVAdmin, the store will try to update the web.config file. In this specific case, looks like the account your store is running as does not have write/modify permission to the web.config file. Hence it complained. So basically nothing really happened even after clicking the button because it could not write to the web.config file.
In the future, after you have deployed an SSL certificate for your store, go to the web.config file and modify the SSL url yourself or give appropriate permission to the account that you store is running under. Hope that helps. |
Thanks,
Satya
support @ bayquel.net
Work: +1 803 883 3226 |
|
|
|
|
|
Rank: Member
Joined: 6/11/2005(UTC)
Posts: 7
|
Thanks Satya,
I have an SSL Certificate deployed for my store already... Here is what my web.config file looks like. I changed the names of the databases & website names for posting safety. Maybe you can spot where I would have to make changes
manually... If you can please take a look. I would greatly appreciate it . . Thank You.
[2]
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<section name="exceptionManagement" type="Microsoft.ApplicationBlocks.ExceptionManagement.ExceptionManagerSectionHandler,Microsoft.ApplicationBlocks.ExceptionManagement" />
</configSections>
<exceptionManagement mode="on">
<publisher mode="on" assembly="BVSoftware.BVC.Core" type="BVSoftware.BVC.Core.Exceptions.BVCommerceEventLogPublisher" />
<publisher mode="off" assembly="Microsoft.ApplicationBlocks.ExceptionManagement" type="Microsoft.ApplicationBlocks.ExceptionManagement.DefaultPublisher" logname="BVSoftwareEventLog" applicationname="BVCommerce" />
</exceptionManagement>
<system.web>
<pages validateRequest="true" />
<compilation defaultLanguage="vb" debug="false" />
<!-- CUSTOM ERROR MESSAGES
Set customErrors mode="On" or "RemoteOnly" to enable custom error messages, "Off" to disable.
Add <error> tags for each of the errors you want to handle.
-->
<customErrors mode="RemoteOnly" />
<authentication mode="Windows" />
<authorization>
<allow users="*" />
<!-- Allow all users -->
</authorization>
<!-- APPLICATION-LEVEL TRACE LOGGING
Application-level tracing enables trace log output for every page within an application.
Set trace enabled="true" to enable application trace logging. If pageOutput="true", the
trace information will be displayed at the bottom of each page. Otherwise, you can view the
application trace log by browsing the "trace.axd" page from your web application
root.
-->
<trace enabled="false" requestLimit="20" pageOutput="false" traceMode="SortByTime" localOnly="true" />
<!-- SESSION STATE SETTINGS
By default ASP.NET uses cookies to identify which requests belong to a particular session.
If cookies are not available, a session can be tracked by adding a session identifier to the URL.
To disable cookies, set sessionState cookieless="true".
-->
<sessionState mode="InProc" stateConnectionString="tcpip=I_Made_This_Area_BlankforPostingSafety" sqlConnectionString="data source=I_Made_This_Area_BlankforPostingSafety;user id=MyID;password=" cookieless="false" timeout="20" />
<globalization requestEncoding="utf-8" responseEncoding="utf-8" fileEncoding="utf-8" />
</system.web>
<location path="BVConfigure/ConfigureDefault.aspx">
<system.web>
<authorization>
<allow users="ASPNET,Administrator" roles="BUILTIN\Administrators" />
<deny users="*" />
</authorization>
</system.web>
</location>
<appSettings>
<!-- CONNECTION STRING
Example: server=MYSQLSERVER;database=MYDBNAME;uid=MYUSERNAME;pwd=MYPASSWORD;
-->
<add key="ConnectionString" value="server=(local);database=MyDataBase;uid=MyUserID;pwd=MyPassword;" />
<add key="ConnectionString" value="server=localhost;Trusted_Connection=true;database=MyDatabase1" />
<add key="MyConnectionString" value="server=localhost;Trusted_Connection=true;database=MyDatabase2" />
<add key="StandardURL" value="http://www.MyWebsite.com/MyBVC2004Commerce/" />
<add key="SecureURL" value="https://www.MyWebsite.com/MyBVC2004Commerce/" />
</appSettings>
</configuration>
[/2]
|
|
|
|
|
|
Rank: Member
Joined: 6/11/2005(UTC)
Posts: 7
|
Update: I added write permissions for BVC2004 Web.Config file -- Then I logged in & enabled SSL and Clicked Save / and was able to save without Error message. And then I had to re-Login again (which was also successful). But I noticed that now when I try to login into my account using secure connection & enter this into the Browser https://www.mywebsite.com/bvc2004Commerce/login.aspx It changes back to --- > http://www.mywebsite.com/bvc2004Commerce/login.aspx And won't let me login - the S is removed. I tried typing it manually into the Address bar but the S is always removed And I receive the following Error message: Error Message: [color=#0000ff>Microsoft][/color]</A> and perform a title search for the words <B>HTTP and 403. </P></DIR></DIR> open IIS Help, which is accessible in IIS Manager (inetmgr), and search for topics titled about<b> Security</B>, Secure Sockets Layer (SSL), and about<b> Custom Error Messages</B>.
|
|
|
|
|
|
Rank: Member
Joined: 8/1/2007(UTC)
Posts: 310
|
Thats really weird. I dont have the source with me right now. If you have the source code, can you look up the login.aspx.vb file and see if the page requires SSL or not? To me it looks like although you are forcing a secure connection, since the page is set to not require ssl, its probably redirecting you to non-secure. I believe the property name is RequireSSL and it should be in the init method.
Also, what version of BVC 2004 are you running? |
Thanks,
Satya
support @ bayquel.net
Work: +1 803 883 3226 |
|
|
|
|
|
Forum Jump
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.