There has been a lot of confusion between static and dedicated IP addresses. There are a lot of customers open a support ticket with request to get a static IP address. Today I would like to discuss this issue.

There are two types of IP addresses Dynamic and Static. Dynamic is the IP address that everyone receives automatically via DHCP server on home routers, wifi hot spots, etc. Basically anywhere you connect wirelessly or via cable and get internet connection automatically you get a dynamic IP address. Dynamic IP address can change when you connect next time. Servers cannot work with random IP addresses changes so we configure Static IP address on each server. So ALL servers have static IP addresses at all times. Static IPs cannot change randomly and assigned on a network card of each server. There can be more than one static IP address assigned to same server.

Shared Web Servers usually have a few IP addresses. By default all domains are assigned to just one IP address and all clients share this one IP address which makes this IP address a Shared IP. Technically it is possible to assign many domains to same IP address via binding in Internet Information Services (IIS7) and host headers in IIS6. Once a client wants to assign a SSL Certificate to his/her domain, shared binding/host headers are not possible anymore, so there is a requirement for a Dedicated IP. Once a dedicated IP is assigned to client’s domain, he/she is able to assign a SSL Certificate. The IP is now Dedicated to the client’s domain. The domain is no longer on a Shared IP address. Both Shared and Dedicated IP addresses are Static.

So it is incorrect to request a Static IP address from a web hosting company because all IP addresses are always static on all servers. Clients need to request a Dedicated IP address.

If you are programming a web application for .NET Framework 3.0 or 3.5 you might be looking for the versions in IIS6 or IIS7. You ask where is ASP.NET3.0 or ASP.NET3.5 versions?

The right answer, there is NO ASP.NET3.0 or ASP.NET3.5.

There are 4 ASP.NET versions:
ASP.NET1.0
ASP.NET1.1
ASP.NET2.0
ASP.NET4.0

There are 6 .NET Framework versions so far:
.NET Framework 1.0
.NET Framework 1.1
.NET Framework 2.0
.NET Framework 3.0
.NET Framework 3.5
.NET Framework 4.0

.NET Framework 3.0 and .NET Framework 3.5 use ASP.NET2.0 runtime located at:

C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll

So, if your application is based on .NET Framework 3.0 or .NET Framework 3.5, make sure to enable ASP.NET2 in IIS6, IIS7 or Hosting Control panel.

Internet Information Services 7 (IIS7) doesn’t use metabase-like file from IIS6. Instead the settings and configuration are stored in schema files and applicationHost.config files.

Since the configuration files are different, the old IIS6 tools will not be able to backup IIS7 settings.

This is the new script that you can use to backup your IIS7 web servers.

1. Using notepad or any text editor create a file backupiis7.cmd

2. Insert the following code and save the file:

@echo off
cls

pushd "%WinDir%\System32\inetsrv"

echo.| date | find /i "current">datetime1.tmp
echo.| time | find /i "current">datetime2.tmp

for /f "tokens=1,2,3,4,5,6" %%i in (datetime1.tmp) do (
  echo %%n>datetime1.tmp
)
for /f "tokens=1,2,3,4,5,6" %%i in (datetime2.tmp) do (
  echo %%m>datetime2.tmp
)
for /f "delims=/ tokens=1,2,3" %%i in (datetime1.tmp) do (
  set TMPDATETIME=%%k%%i%%j
)
for /f "delims=:. tokens=1,2,3,4" %%i in (datetime2.tmp) do (
  set TMPDATETIME=D%TMPDATETIME%T%%i%%j%%k%%l
)

appcmd add backups %TMPDATETIME%

del datetime1.tmp
del datetime2.tmp

set TMPDATETIME=

popd
echo.

3. The IIS7 configuration will be backed up at the following path:

C:\Windows\System32\inetsrv\backup

NOTE: you can also use Task Scheduler to automate backups.

Self-signed certificate

Self-Signed Certificate History (from Wikipedia)

In cryptography and computer security, a self-signed certificate is an identity certificate that is signed by its own creator. That is, the person that created the certificate also signed off on its legitimacy.

In typical public key infrastructure (PKI) arrangements, that a particular public key certificate is valid (i.e., contains correct information) if attested by a digital signature from a certificate authority (CA). Users, or their software on their behalf, check that the private key used to sign some certificate matches the public key in the CA’s certificate. Since CA certificates are often signed by other, “higher ranking,” CAs, there must necessarily be a highest CA, which provides the ultimate in attestation authority in that particular PKI scheme.

Obviously, the highest-ranking CA’s certificate can’t be attested by some other higher CA (there being none), and so that certificate can only be “self-signed.” Such certificates are also termed root certificates. Clearly, the lack of mistakes or corruption in the issuance of such certificates is critical to the operation of its associated PKI; they should be, and generally are, issued with great care.

In a web of trust certificate scheme there is no central CA, and so identity certificates for each user can be self-signed. In this case, however, it has additional signatures from other users which are evaluated to determine whether a certificate should be accepted as correct. So, if users Bob, Carol, and Edward have signed Alice’s certificate, user David may decide to trust that the public key in the certificate is Alice’s (all these worthies having agreed by their signatures on that claim). But, if only user Bob has signed, David might (based on his knowledge of Bob) decide to take additional steps in evaluating Alice’s certificate. On the other hand, Edward’s signature alone on the certificate may by itself be enough for David to trust that he has Alice’s public key (Edward being known to David to be a reliably careful and trustworthy person). There is of course, a potentially difficult regression here, as how can David know that Bob, Carol, Ted, or Edward have signed any certificate at all unless he knows their public keys (which of course came to him in some sort of certificate)? In the case of a small group of users who know one another in advance and can meet in person (e.g., a family), users can sign one another’s certificates when they meet as a group, but this solution does not scale to larger settings. This problem is solved by fiat in X.509 PKI schemes as one believes (i.e., trusts) the root certificate by definition.[dubious – discuss] The problem of trusting certificates is real in both approaches, but less easily lost track of by users in a Web of Trust scheme.

How To Create a Self-signed SSL Certificate for II6 (Windows Server 2003)

This tutorial explains step by step how to create a Self-signed SSL Certificate on Windows Server 2003. There are many ways to do it. This is the way I do it and suggest to others as one of the easiest, reliable and straight forward solution to install a Self-signed SSL Certificate on IIS6.

Prerequisites

To get started you need to have a general knowledge about Windows Server Administration and IIS6. Obviously, to continue with the tutorial you need an installed Windows Server 2003 and IIS6 configured on the server. Also, make sure the server is configured with the right IP Address and has an Internet Connection.

1. Open a browser of your choice and download IIS6.0 Resource Kit Tools from official
Microsoft Downloads website.

2. Once downloaded click Run to Install the Application

3. Agree with the EULA

4. Select Custom Setup Type

5. Choose Destination folder for the files or use the default option

6. You can uncheck all the Tools and leave only SelfSSL 1.0

7. Click again Next to install the Tools

8. Once installed, click Start > All Programs > IIS Resources > SelfSSL > Run SelfSSL Tool

9. Before you can proceed further you need to find the Website ID that you want to assign the SSL.
a. Open IIS
b. Navigate to Web Sites
c. Look for Identifier number of your web site
d. If you want to assign SSL to “Default Web Site” ID would be 1

10. Now run the following command in the Command Prompt:

selfssl /N:CN=www.aspnix.com /K:2048 /V:365 /S:1 /T

a. replace www.aspnix.com with your domain
b. /K: is the key size – 2048 is recommended
c. /V: days of validity – 365 is recommended
d. /S: number for your web site identifier in IIS
e. /T makes the certificated trusted

11. Once you run the command confirm it with Y then press ENTER:
Do you want to replace the SSL settings for site 1 (Y/N)? Y

12. If successful you will see this message:
The self signed certificate was successfully assigned to site 1.

13. Your Self-signed SSL has been installed. You can verify it by going IIS > Web Sites > Default Web Site (or any site you assigned it to), right click > Properties > Directory Security > View Certificate

Congratulations! You have just successfully installed a Self-signed SSL Certificate!

It’s very simple but most people don’t know that it’s possible to burn a CD or DVD ISO file using Windows Explorer on Windows 7 for FREE without any 3rd party software.

1. To get started navigate using Windows Explorer to the ISO image file that you want to burn to DVD.

2. Double click on the ISO image file or right click it and choose “Burn disk image”
(make sure you have inserted empty CD/DVD disk)

3. Click burn to start the burning process

Once the disk is burned you can now install software using your CD/DVD. Enjoy!