What is Centralized Certificate Store (CCS) and how to use it?

CCS (Centralized Certificate Store) is feature we started using after IIS 8. It allows IIS to pick up website certificates from a network share instead of the local certificate store. For environments with multiple IIS servers, this is a feature that makes system administrators’ lives a lot easier. All you need to do is to add an IIS binding that points to CCS.

There are two steps to use CCS:

  1. Configure IIS to use CCS (a server-level setting in IIS)
  2. Add an IIS binding to your website. You can do it by
    • Using IIS Manager OR
    • Using PowerShell
Read More

Change in the default short date format for English (Canada)

Windows has language packages that store country specific settings such as short date format. I have recently came across an issue that was caused by an update in Canada’s language package.

Starting with Windows Server 2012 and Windows 8, the default date format for English (Canada) – short name is en-CA – was changed from dd/MM/yyyy to yyyy-MM-dd.

Microsoft is not planning to revert this change as yyyy-MM-dd is the recommended date format by The Government of Canada. However, there is no binding legislation so other formats are also used.

The Government of Canada recommends that all-numeric dates in both English and French use the YYYYMMDD format codified in ISO 8601.[10] The Standards Council of Canada also specifies this as the country’s date format.[11][12]

The YYYYMMDD format is the only method of writing a numeric date in Canada that allows unambiguous interpretation, and the only officially recommended format.[2] The presence of the DD/MM/YY (international) and MM/DD/YY (American) formats often results in misinterpretation. Using these systems, the date 7 January 2016 could be written as either 07/01/16 or 01/07/16, which readers can also interpret as 1 July 2016 (or 1916); conversely, 2016-01-07 cannot be interpreted as another date.

In spite of its official status and broad usage, there is no binding legislation requiring the use of the YYYYMMDD format, and other date formats continue to appear in many contexts.

Date and time notation in Canada

There is a proposed legislation to settle the date format debate. More information about the date/time implementation in Canada can be found in this page.

Read More

(Solved) IDX10311: RequireNonce is ‘true’ (default) but validationContext.Nonce is null

If your application is not able to authenticate using Azure AD, you may come across to this error message: “IDX10311: RequireNonce is ‘true’ (default) but validationContext.Nonce is null“.

Here is the full error message:

IDX10311: RequireNonce is ‘true’ (default) but validationContext.Nonce is null. A nonce cannot be validated. If you don’t need to check the nonce, set OpenIdConnectProtocolValidator.RequireNonce to ‘false’.

IDX10311: RequireNonce is 'true' (default) but validationContext.Nonce is null
IDX10311 error
Read More