PRB: Client-Side Recordset Fails When SSL Is Required

When you work with Active Server Pages (ASP) or HTML pages that use a client-side Recordset DTC in a Web site or a Web application with Secure Sockets Layer (SSL) enabled, your page may show up in the browser with no data in it.

This behavior occurs because the following statement in the Recordset.htm file is making an HTTP request instead of an HTTPS request to the server: When the Web server is configured to require SSL, requests using HTTP fail. Because the line of code above specifically states to use the HTTP protocol for RDS, the connection fails and no data is displayed.

If returning the RDS data via HTTP and not using SSL is acceptable, then you can remove the SSL requirement for RDS only. Use the following steps to do this:

1. Open Microsoft Management Console (MMC).
2. Expand the Web site, right-click the MSADC application, and select Properties.
3. On the Directory Security tab, click Edit under the Secure Communications section.
4. Clear the Require Secure Channel When Accessing This Resource option.

Another option is to use a server-side recordset DTC that does not use RDS. Data access will be performed on the server, and the resultig HTML can be sent to the browser via SSL.

If you require the use of RDS, and the RDS connection must be done via HTTPS, then you can optionally edit the Recordset.htm file and simply change the http to https as shown: NOTE: Modifications to the files in the _ScriptLibrary folder are unsupported. Updates from Microsoft for the _ScriptLibrary files may overwrite any customizations.

This behavior is by design.