Nathan Bridgewater

Well this was a fun one. For onelittlebow.com, we’re using Google Checkout as one of our checkout methods. Recently we just switched to using a virtual dedicated server rather than the normal shared hosting environment at GoDaddy. Their shared hosting never really supported Google Checkout notifications because their shared IIS servers were configured to use Basic Authentication with Windows and always pre-authenticated the request. Since the merchantID and key wasn’t a valid NT account on the server IIS would always kick back a 401 response and ASP.NET wouldn’t even touch the request.

Now with the virtual dedicated environment, we are finally able to use these callbacks and handle the authentication header ourselves in code (or by setting up an account on the server).  But in production, we must use fully trusted SSL. That’s not a huge deal; we just purchased one of their SSL certs and installed in on our server. Easy peasy right?  Well if you’re like me and you’re not super familiar with the nitty gritty details of SSL and certificate validation, then you might be getting this error in the Integration Console on Google Checkout’s admin page.

We encountered an error trying to access your server at https://somewhere.com/callback_endpoint — the error we got is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Read more…

While developing in Visual Studio using the ASP.NET Development Server, all your requests are handled by the asp.net handler.  So when you’re playing with things like url redirection or custom handlers, it will work fine while you’re developing. But when you deploy it to IIS, you need to add the handler for the extension so IIS knows that ASP.NET is processing the request.

I just ran into this while building an image handler for custom_folder/*.jpg.  I wanted all requests for jpg files here to be handled by my custom handler.  My IIS Server wasn’t responding properly because it wasn’t configured to pass that request to asp.net. Unfortunately, I’m working with a shared hosting environment and Medium Trust, so I have to change this to something that is handled by asp.net by default like *.ashx, aspx, etc.

In a full trust environment where you have acess to the IIS server, you can add a new ISAPI handler for any extension you want to override in asp.net. Just go to the application configuration for the website or virtual directory and add a new ISAPI filter for your extension.  When adding a new extension filter, point it to the same path as the other asp.net ISAPI handlers. If you want it to just handle for a single folder, it might be a good idea to set it up as its own virtual directory with a filter for that virtual directory alone. This will allow asp.net to handle the requests for that file type, then you can use your custom handler as you normally would in the development environment.

If anyone is interested, I can provided more information.