Firstly, my apologies for not responding earlier than this.

As per your suggestion, I have set the SERVERXMLHTTP object to ignore all 
Server certificate errors and IT WORKS.

Thanks a lot for your help.

But, I am still wondering what is the best option to process content from 
pages within the same virtual directory? I also observed from the MSDN link 
that it is not adviced to use SERVERXMLHTTP to request pages from the same 
virtual dir.

thanks,
Laxmikanth

"Bojidar Alexandrov" wrote:

> 
> "Laxmikanth" <Laxmikanth@d...> wrote in message
> news:94A7C2E7-61DF-40AE-846B-40290B382EA8@m......
> > Hi,
> >
> > Env. IIS5.0 on Win2K; Authentication set to use Windows Integrated
> > Authentication. NO Anonymous access.
> >
> > My application has few ASP pages that process few other ASP pages in the
> > same application (Virtual Dir.) using SERVERXMLHTTP and show the content.
> >
> > Since the calls are IntraApp, I always used to frame my url as
> > http://localhost/MyApp/MyPage.asp and everything seemed to work fine.
> >
> > Later on, I had to extend it to support https access. We obtained the
> proper
> > server certificate; applied it; modified the url to use
> https://localhost....
> > and everything seemed to work fine.
> >
> > With MSFT patch KB824151, this doesn't work anymore and it expects to have
> a
> > server certificate for the site localhost. I tried to workaround by using
> the
> > site name in the URL in place of localhost
> > (https://mysite.domain.com/MyApp....). This gives me erro 401.2 -
> permission
> > issues.
> >
> > I understand that I probably need to pass the username and password to the
> > Open method, but as you all know, we wouldn't be able to pass the
> credentais
> > from the source ASP page.
> >
> > How do I get rid of this problem and more importantly, what is the best
> way
> > process ASP pages within the same App using SERVERXMLHTTP.
> >
> > You help would be greatly appreciated.
> 
> 
> I have not tried passing credentials this way but be aware that this is not
> the recomended way to do this. You probably will need to use
> alternative/custom authentication sheme.
> 
> I use this control to call one page from another in same application and it
> seem to work for now but see these articles and you will understand that
> there is much more pain to setup this to work.
> http://support.microsoft.com/default.aspx?scid=kb;en-us;827429
> http://support.microsoft.com/default.aspx?scid=kb;en-us;820882
> http://support.microsoft.com/default.aspx?scid=kb;en-us;316451
> 
> Also I found one bug that when server certificate is not valid (mismatched
> hostname or expired) it throw an error despite the default behaviur that is
> to ignore such errors so setting this option fix this. It already have this
> value before we set it but when it is set again it works :)
> 
> SXH_SERVER_CERT_IGNORE_ALL_SERVER_ERRORS = 13056
> 
> xmlHttp = Server.CreateObject("Msxml2.ServerXMLHTTP.4.0");
> xmlHttp.setOption(2) = SXH_SERVER_CERT_IGNORE_ALL_SERVER_ERRORS;
> 
> Tell me if this information have helped you and if you got it to work
> consistently.
> 
> Bojidar Alexandrov
> 
> 
>