This week's book giveaway is in the Cloud/Virtualizaton forum.
We're giving away four copies of Mesos in Action and have Roger Ignazio on-line!
See this thread for details.
Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Multiple SSL + File Upload

 
ricky wong
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Dear all,

Is it possible to connect to web application A (For user login) by using HTTPS connection and then upload a file to another web application B (another web server and using another HTTPS connection)? The file upload page is created in web application A but the path of "ACTION" in the page is a URL of web application B, the enctype is "multipart/form-data" ). I get an error when connecting to web application B. It seems that the it is failed to make a ssl connection with web server B.... Please kindly help.

Thanks.
Ricky
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
One of the things SSL does for you (the web user) is make certain that the site to which you have a secure connection is the only site.
It is designed to warn the user if they page they are on makes any requests to a server other than the current one (or any non-secure resources on the current site).

One possible work around would be to let them upload the resource to site A and then, from site A's server connect to site B and upload the resource.

It's more work, both for you and the servers but it will allow the user to conduct their entire transaction with one trusted server.
 
ricky wong
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Ben,

Thanks. As these two web applications both are intranet applications, the reason that users upload file to web application B is to reduce the loading of web application A (it is mainly used for user login, it loading is very high). I wonder that if file upload page is changed to a normal web page (not enctype is used), the certificate of web application B is prompted out and then that page can be loaded.

Is any possible way to solve this problem? Or does "enctype" cannot be used in this scenario?

Thanks.
Ricky
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It has nothing to do with enctype.

It has to do with SSL enforcing it's policy of insuring that the user is dealing with only one server while under the SSL session.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic