Using WebDAV on Windows has become more secure but consequently a little less developer friendly in recent years. Being aware of the following points makes the experience much easier:
- By default, Microsoft now disables WebDAV mapping when using Basic Authentication over HTTP ie without SSL. Developers and users have two options:
- Enable WebDAV with Basic Authentication without SSL (its unsecure and you should avoid it)
- Enable SSL encryption for your WebDAV server (if you're going to use self-signed certificates, make sure you are aware of some related caveats)
- With Windows Explorer its easy to map a WebDAV folder (Add a Network Location). However, the GUI approach can leave users confused with the results, because it doesn't expose all the nasty error messages lurking under the covers. Its best therefore to simply use the following commands to map and unmap respectively:
- net use * https://:/ /user: * /persistent:no
- net use * /delete
Self-Signed Certificates
- Your certificate will need to be imported into the Windows Trusted Certificate store before you can start using your SSL encrypted WebDAV share
- Your certificate will need to have a Subject Alternate Name (SAN) for it to be acceptable for most purposes. If you're using the Java keytool for example, here is a key generation invocation that worked for me:
- keytool -genkey -keyalg RSA -alias selfsigned -keystore my.keystore -storepass 1234 -keypass 1234 -validity 360 -keysize 2048 -ext SAN=dns:swiftsense.com,ip:192.168.1.73,dns:localhost,dns:www.swiftsense.biz
No comments:
Post a Comment