Post reply

1, basic security— accept HTTP but reject any calls that might be involved in the passing of credentials

  • April 15, 2010 at 12:36 pm

    #146421

    Hi,

    I went through the link http://ssrshosting.asphostcentral.com/?tag=/ssrs+configuration and have a question:

    SSL Configuration After Install

    Ah! So you didn't listen to us about how to install SSL, or you installed oblivious to the importance of SSL and now want to be able to reconfigure to use SSL without having to take the pain of uninstall followed by reinstall. Well, you are in luck because this is controlled in the RSReportServer.config file by the entry: <Add Key="SecureConnectionLevel" Value="3"/> where the Value can be set as follows:

    · 3 is the most secure— use SSL for absolutely everything

    · 2, secure— use SSL for rendering but don't insist on it for all SOAP calls

    · 1, basic security— accept HTTP but reject any calls that might be involved in the passing of credentials

    · 0, the least secure— don't use SSL at all

    Certificate is already installed. Now I'm planning to install SQL Server 2005 Reporting servies on Server A & it's databases on ServerB.

    The application, from it's web.config file, it should call the reportserver url as below:

    https://servername.domain/reportserver

    user name:

    password

    I have read that if the SSL option is selected while installing the SSRS, it will take the option of "2 secure— use SSL for rendering but don't insist on it for all SOAP calls"

    Question:

    If I go with this option, will the below set up work? i.e calling report server url from Application's web.config file.

    https://servername.domain/reportserver

    user name:

    password

    Because, it says "1 basic security— accept HTTP but reject any calls that might be involved in the passing of credentials ". Here we are paasing credentials from web.config file

    How this works in this case?

  • April 16, 2010 at 9:45 am

    #1152962

    Is the configuration works if We configure SSL to use 1st option 1 Basic Security—Accepts http but rejects any calls that might be involved in the passing of credentials as below from the application's web.config file

    https://servername.abc.com/reportserver

    user name: xXXXX

    Password: XXXX

    thanks

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply