Encrypted pages (HTTPS / SSL) are unable to export to local applications

Internet based applications can be used to export content to a local application. Usually this is done by exporting the content to a format which is commonly used, like .PDF (Adobe Reader), .XLS (Microsoft Excel) or .DOC (Microsoft Word).

When the data is exported the user is confronted with a dialog which allows the user to open or save the document. In this dialog the content type is already shown (because of the file type association), an indication most of the tasks are processed in a correct order. The dialog could look like this (in dutch):
Right result

However, when the webpage is hosted on a secure page using SSL (the URL starts with https://) this sometimes results in a different dialog. In this dialog the user is prompted to open or save an default_aspx file. Another example:
Wrong result
The file prompted in the dialog, default.aspx, is an ASP application which exports the data. The result of the ASP application should be prompted to the user, not this page.
This unusual behaviour is the result of an incorrect setting in Internet Explorer. Because the page is not cached the ASP program is unable to execute properly. This could be the result of an group policy (GPO) which is set, called ‘Do not save encrypted pages to disk’ or because the following registry is set (which could be the result of a GPO) to 1.

Key : HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet SettingsDisableCachingOfSSLPages
value : 0 – SSL pages are cached, 1 – SSL pages are not cached

The secure web application behaves correct when the key is set to 0, which causes Internet Explorer to cache the pages like all other pages (the default behaviour).

Ingmar Verheij

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.