Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Jul 02, 2008 07:07 AM by saquib189
Sep 24, 2006 08:27 PM|LINK
I set up this appliction, installed CommerceDB on the server, have asp.net db working.
When I try to log in, this is the error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
[HttpException (0x80004005): The application is configured to issue secure cookies. These cookies require the browser to issue the request over SSL (https protocol). However, the current request is not over SSL.]
System.Web.Security.FormsAuthentication.SetAuthCookie(String userName, Boolean createPersistentCookie, String strCookiePath) +149
System.Web.Security.FormsAuthentication.SetAuthCookie(String userName, Boolean createPersistentCookie) +53
System.Web.UI.WebControls.Login.OnBubbleEvent(Object source, EventArgs e) +134
System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +56
System.Web.UI.WebControls.Button.OnCommand(CommandEventArgs e) +107
System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +178
System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +31
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +32
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +72
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3839
Jan 02, 2007 02:25 AM|LINK
I found some help for you in this article. Basically you probably have a line like this in your Web.config file:
<forms loginUrl="Secure\Login.aspx" requireSSL="true" . . . />
Change requireSSL to false and that should do it for you, but be aware of the security implications discussed in the article I linked to.
Jun 29, 2007 08:21 PM|LINK
I ran into the same issue and when I turned off the requireSSL it worked, but what if I want to leave it on, what's the solution? My web site (a financial site) needs SSL at all times from the point of login to logout.
Another question is how do I test SSL during development using the ASP.NET built-in server and not IIS, or do I have to use IIS to test SSL?
Jun 29, 2007 08:35 PM|LINK
You need to use IIS for this. Set up two sites, one for port 80 (with no ssl), and one for port 443 (only SSL). Make the port 80 site redirect to the 443 site.
I haven't tried this out just now, but I think this is how i've done it in the past.
Jul 02, 2008 07:07 AM|LINK
Hi, trying to access
http://msdn.microsoft.com/en-us/library/aa302426.aspx that should solve your problem.