This project has moved and is read-only. For the latest updates, please go here.

Crisscross over https: Has anyone done this?

Jul 25, 2013 at 5:52 PM
Our crissCross reporting website will be accessed over a public network.
Has anyone set up their cc site using https binding?

Kind regards

Aug 6, 2013 at 3:13 PM
pretty quiet in here...
Aug 6, 2013 at 3:27 PM
I'm not sure if anyone has done this before but it should work in theory.

The SSRS server itself would also need to be serving up over https so that the ReportViewer can talk to it.

So probably the way to go is:
Aug 6, 2013 at 4:50 PM
Thanks for getting back to me. It's become more important as a client has noticed that it's not secure.
I've configured the IIS site for https and installed the keys in the browser. it works, as in it doesn't fall over but when accessed via https, the format of the report displayed in the report viewer control is completely messed up; you can read the report text but the window it's displayed in is just a few inches across. When accessed via http, it's fine. As the IIS server and RS are on the same server, I've left them talking HTTP to each other. I didn't think HTTPS could do this.

I'll log an issue so that I can upload a few screen shots.
Any suggestion would be greatly appreciated.


Aug 6, 2013 at 6:48 PM
ok, I'll have a look.
I suspect its mostly a reportviewer thing rather than anything crisscross is doing, try Googling "reportviewer SSL" and see if you find any advice.

Also bear in mind that the http and https sites will be treated as completely different sites by for authentication purposes, hence switching everything over to https might help.
Aug 6, 2013 at 10:17 PM
Edited Aug 6, 2013 at 10:47 PM
Again thanks for the support. Hopefully, our efforts will help others that follow.
Like you, I don't think it's a CC issue given that the only change is the way the site is accessed and that's a low level in the OSI stack. The control should know nothing about it.
I think it's an IE problem. MSDN is shy on giving straight answer as can be seen with this poor guy's effort
I'll try changing browsers tomorrow (it's getting late here now) and report back. I can't say my client will be happy having browser versions dictated to them by a reporting tool. They're a regulated body whose every app gets vetted. This is a deal-breaker for them and therefore for us. I'd hate to drop back to plain, old report manager (which works fine in HTTPS and IE strangely, how can that be?) now I've tasted CC.
Aug 7, 2013 at 9:21 AM
Update: report viewer control runs fine over HTTPS if run in IE 10 compatibility mode or in IE versions < 10. i.e. IE 10 breaks it.
So not CC related as we thought and I think this is a liveable solution for our client.
Thanks for the pointers you gave me.