{"id":11700,"date":"2025-03-31T11:01:47","date_gmt":"2025-03-31T02:01:47","guid":{"rendered":"https:\/\/chat-messenger.com\/?p=11700"},"modified":"2025-04-25T14:39:43","modified_gmt":"2025-04-25T05:39:43","slug":"windowsauthentication-loadbalancer-ssl","status":"publish","type":"post","link":"https:\/\/chat-messenger.com\/vi\/blog\/windowsauthentication-loadbalancer-ssl","title":{"rendered":"C\u00e1ch c\u1ea5u h\u00ecnh X\u00e1c th\u1ef1c Windows t\u00edch h\u1ee3p IIS \u0111\u1ec3 th\u00e0nh c\u00f4ng trong m\u00f4i tr\u01b0\u1eddng c\u00e2n b\u1eb1ng t\u1ea3i + SSL"},"content":{"rendered":"

Gi\u1edbi thi\u1ec7u v\u1ec1 X\u00e1c th\u1ef1c Windows t\u00edch h\u1ee3p<\/h2>\n\n\n\n

X\u00e1c th\u1ef1c Windows t\u00edch h\u1ee3p l\u00e0 c\u01a1 ch\u1ebf t\u1ef1 \u0111\u1ed9ng cung c\u1ea5p th\u00f4ng tin x\u00e1c th\u1ef1c ng\u01b0\u1eddi d\u00f9ng cho IIS khi IIS v\u00e0 ng\u01b0\u1eddi d\u00f9ng thu\u1ed9c c\u00f9ng m\u1ed9t mi\u1ec1n Active Directory. Khi b\u1ea1n t\u1ea1o m\u1ed9t trang web b\u1eb1ng ASP.NET C#, b\u1ea1n c\u00f3 th\u1ec3 x\u00e1c \u0111\u1ecbnh xem ng\u01b0\u1eddi d\u00f9ng \u0111\u00e3 \u0111\u01b0\u1ee3c x\u00e1c th\u1ef1c hay ch\u01b0a v\u00e0 thu th\u1eadp th\u00f4ng tin v\u1ec1 nh\u1eefng ng\u01b0\u1eddi d\u00f9ng \u0111\u00e3 \u0111\u01b0\u1ee3c x\u00e1c th\u1ef1c.<\/p>\n\n\n\n

\u0110i\u1ec1u n\u00e0y cho ph\u00e9p ng\u01b0\u1eddi d\u00f9ng truy c\u1eadp c\u00e1c \u1ee9ng d\u1ee5ng web \u0111\u01b0\u1ee3c l\u01b0u tr\u1eef (ho\u1eb7c li\u00ean k\u1ebft) b\u1edfi IIS m\u00e0 kh\u00f4ng c\u1ea7n thao t\u00e1c \u0111\u0103ng nh\u1eadp b\u1ed5 sung v\u00e0 cho ph\u00e9p t\u00edch h\u1ee3p SSO v\u1edbi c\u00e1c m\u00e1y ch\u1ee7 \u1ee9ng d\u1ee5ng kh\u00e1c.<\/p>\n\n\n\n

Tuy nhi\u00ean, trong m\u00f4i tr\u01b0\u1eddng m\u00e0 m\u00e1y ch\u1ee7 web (IIS) n\u1eb1m d\u01b0\u1edbi b\u1ed9 c\u00e2n b\u1eb1ng t\u1ea3i v\u00e0 giao ti\u1ebfp \u0111\u01b0\u1ee3c m\u00e3 h\u00f3a b\u1eb1ng SSL\/TLS, x\u00e1c th\u1ef1c Windows n\u00e0y c\u00f3 th\u1ec3 kh\u00f4ng ho\u1ea1t \u0111\u1ed9ng b\u00ecnh th\u01b0\u1eddng.T\u1ea1i sao v\u1eady?<\/span><\/p>\n\n\n\n

\n
\n

N\u1ebfu x\u00e1c th\u1ef1c Windows th\u00e0nh c\u00f4ng, b\u1ea1n s\u1ebd c\u00f3 th\u1ec3 truy c\u1eadp trang x\u00e1c th\u1ef1c m\u1ed9t c\u00e1ch li\u1ec1n m\u1ea1ch, nh\u01b0ng n\u1ebfu kh\u00f4ng th\u00e0nh c\u00f4ng, m\u1ed9t n\u00fat quay s\u1ed1 \u0111\u0103ng nh\u1eadp s\u1ebd \u0111\u01b0\u1ee3c hi\u1ec3n th\u1ecb. N\u1ebfu b\u1ea1n kh\u00f4ng x\u00e1c th\u1ef1c \u0111\u00fang, b\u1ea1n s\u1ebd nh\u1eadn \u0111\u01b0\u1ee3c L\u1ed7i HTTP 401.1 \u2013 Kh\u00f4ng \u0111\u01b0\u1ee3c ph\u00e9p.<\/p>\n<\/div>\n\n\n\n

\n
\"\"<\/figure>\n<\/div>\n<\/div>\n\n\n\n

V\u1ea5n \u0111\u1ec1 l\u00e0 X\u00e1c th\u1ef1c Windows ho\u1ea1t \u0111\u1ed9ng nh\u01b0 th\u1ebf n\u00e0o<\/strong> V\u00e0 Ho\u1ea1t \u0111\u1ed9ng c\u00e2n b\u1eb1ng t\u1ea3i<\/strong> n\u1eb1m \u1edf \u0111\u00e2u.<\/p>\n\n\n\n

NTLM l\u00e0 ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c th\u1eed th\u00e1ch\/ph\u1ea3n h\u1ed3i th\u00f4ng qua m\u1ed9t k\u1ebft n\u1ed1i TCP duy nh\u1ea5t gi\u1eefa m\u1ed7i m\u00e1y kh\u00e1ch v\u00e0 m\u00e1y ch\u1ee7. V\u1edbi Kerberos, m\u00e1y kh\u00e1ch c\u0169ng s\u1ebd nh\u1eadn \u0111\u01b0\u1ee3c v\u00e9 d\u1ef1a tr\u00ean m\u00e3 \u0111\u1ecbnh danh d\u1ecbch v\u1ee5 (SPN) v\u00e0 g\u1eedi \u0111\u1ebfn IIS. Nh\u1eefng th\u00f4ng tin x\u00e1c th\u1ef1c n\u00e0y \u0111\u01b0\u1ee3c g\u1eedi qua ti\u00eau \u0111\u1ec1 HTTP (Quy\u1ec1n h\u1ea1n: \u0110\u00e0m ph\u00e1n ...<\/code> C\u00e1c giao d\u1ecbch \u0111\u01b0\u1ee3c th\u1ef1c hi\u1ec7n b\u1eb1ng nh\u1eefng ph\u01b0\u01a1ng ph\u00e1p nh\u01b0 v\u1eady. Tuy nhi\u00ean, b\u1ed9 c\u00e2n b\u1eb1ng t\u1ea3i L\u1edbp 7 s\u1ebd ch\u1ea5m d\u1ee9t k\u1ebft n\u1ed1i HTTPS t\u1eeb m\u00e1y kh\u00e1ch tr\u00ean thi\u1ebft b\u1ecb c\u1ee7a ri\u00eang n\u00f3, ph\u00e2n t\u00edch n\u1ed9i dung v\u00e0 chuy\u1ec3n ti\u1ebfp n\u1ed9i dung \u0111\u00f3 \u0111\u1ebfn IIS \u1edf ph\u00eda sau d\u01b0\u1edbi d\u1ea1ng m\u1ed9t y\u00eau c\u1ea7u m\u1edbi. Trong qu\u00e1 tr\u00ecnh n\u00e0yPhi\u00ean TLS \u0111\u1ea7u cu\u1ed1i gi\u1eefa m\u00e1y kh\u00e1ch v\u00e0 IIS s\u1ebd k\u1ebft th\u00fac.<\/span>H\u01a1n n\u1eefa, th\u00f4ng tin x\u00e1c th\u1ef1c li\u00ean t\u1ee5c nh\u01b0 NTLM kh\u00f4ng \u0111\u01b0\u1ee3c l\u01b0u gi\u1eef, khi\u1ebfn qu\u00e1 tr\u00ecnh x\u00e1c th\u1ef1c kh\u00f4ng th\u00e0nh c\u00f4ng.<\/p>\n\n\n\n

D\u1ef1a tr\u00ean b\u1ed1i c\u1ea3nh tr\u00ean, b\u00e0i vi\u1ebft n\u00e0y "B\u1ed9 c\u00e2n b\u1eb1ng t\u1ea3i<\/strong><\/strong> + C\u1ea5u h\u00ecnh X\u00e1c th\u1ef1c Windows t\u00edch h\u1ee3p IIS \u0111\u1ec3 th\u00e0nh c\u00f4ng trong m\u00f4i tr\u01b0\u1eddng SSL<\/strong> Ch\u00fang ta s\u1ebd xem x\u00e9t nh\u1eefng \u0111i\u1ec1u sau. Ch\u00fang t\u00f4i s\u1ebd li\u1ec7t k\u00ea ba m\u1eabu c\u1ea5u h\u00ecnh \u0111i\u1ec3n h\u00ecnh v\u00e0 gi\u1ea3i th\u00edch t\u1eebng m\u1eabu xem x\u00e1c th\u1ef1c Windows c\u00f3 \u0111\u01b0\u1ee3c h\u1ed7 tr\u1ee3 hay kh\u00f4ng, l\u00fd do k\u1ef9 thu\u1eadt cho vi\u1ec7c n\u00e0y c\u0169ng nh\u01b0 \u01b0u \u0111i\u1ec3m v\u00e0 nh\u01b0\u1ee3c \u0111i\u1ec3m c\u1ee7a t\u1eebng c\u1ea5u h\u00ecnh.<\/p>\n\n\n\n

Ki\u1ec3m tra k\u1ef9 thu\u1eadt c\u1ee7a t\u1eebng k\u1ebf ho\u1ea1ch c\u1ea5u h\u00ecnh<\/h2>\n\n\n\n

\u2460: B\u1ed9 c\u00e2n b\u1eb1ng t\u1ea3i L7 ch\u1ea5m d\u1ee9t SSL + chuy\u1ec3n ti\u1ebfp \u0111\u1ebfn IIS (80 ho\u1eb7c 443)<\/h3>\n\n\n\n

M\u00e1y kh\u00e1ch \u2500\u2500HTTPS\u2500\u2500\u25b6 B\u1ed9 c\u00e2n b\u1eb1ng t\u1ea3i L7 (ch\u1ea5m d\u1ee9t SSL) \u2500\u2500HTTP(S)\u2500\u2500\u25b6 IIS (80 ho\u1eb7c 443)<\/p>\n\n\n\n

Kh\u1ea3 d\u1ee5ng<\/strong><\/h4>\n\n\n\n

C\u1ea5u h\u00ecnh n\u00e0y kh\u00f4ng h\u1ed7 tr\u1ee3 x\u00e1c th\u1ef1c Windows.Kh\u00f4ng c\u00f3 s\u1eb5n<\/span>l\u00e0.<\/p>\n\n\n\n

l\u00fd do<\/strong><\/h4>\n\n\n\n

B\u1edfi v\u00ec phi\u00ean TLS gi\u1eefa m\u00e1y kh\u00e1ch v\u00e0 IIS b\u1ecb ch\u1ea5m d\u1ee9t m\u1ed9t l\u1ea7n tr\u00ean b\u1ed9 c\u00e2n b\u1eb1ng t\u1ea3i,Kh\u00f4ng th\u1ec3 chuy\u1ec3n giao th\u00f4ng tin x\u00e1c th\u1ef1c t\u1eeb \u0111\u1ea7u \u0111\u1ebfn cu\u1ed1i<\/span>\u0110\u00f3 l\u00e0 l\u00fd do t\u1ea1i sao. B\u1ed9 c\u00e2n b\u1eb1ng t\u1ea3i L7 gi\u1ea3i m\u00e3 l\u01b0u l\u01b0\u1ee3ng HTTPS \u0111\u00e3 nh\u1eadn v\u00e0 truy c\u1eadp IIS thay m\u1eb7t cho m\u00e1y kh\u00e1ch. V\u00e0o th\u1eddi \u0111i\u1ec3m n\u00e0y, kh\u00e1ch h\u00e0ng n\u00ean g\u1eedi Quy\u1ec1n h\u1ea1n: \u0110\u00e0m ph\u00e1n<\/code> Ti\u00eau \u0111\u1ec1 (ti\u00eau \u0111\u1ec1 x\u00e1c th\u1ef1c bao g\u1ed3m phi\u1ebfu Kerberos v\u00e0 m\u00e3 th\u00f4ng b\u00e1o NTLM) s\u1ebd kh\u00f4ng \u0111\u1ebfn \u0111\u01b0\u1ee3c IIS m\u1ed9t c\u00e1ch ch\u00ednh x\u00e1c. C\u1ee5 th\u1ec3, v\u1edbi NTLM, ph\u1ea3n h\u1ed3i th\u1eed th\u00e1ch x\u00e1c th\u1ef1c m\u00e0 IIS g\u1eedi \u0111\u1ebfn y\u00eau c\u1ea7u ban \u0111\u1ea7u (WWW-X\u00e1c th\u1ef1c<\/code>) kh\u00e1ch h\u00e0ng g\u1eedi l\u1ea1i y\u00eau c\u1ea7u, nh\u01b0ng th\u00f4ng qua LBPhi\u00ean TCP gi\u1ed1ng nhau kh\u00f4ng \u0111\u01b0\u1ee3c duy tr\u00ec<\/span>Do \u0111\u00f3, b\u1eaft tay NTLM kh\u00f4ng th\u00e0nh c\u00f4ng.<\/p>\n\n\n\n

Tr\u00ean th\u1ef1c t\u1ebf, ngay c\u1ea3 trong m\u00f4i tr\u01b0\u1eddng AWS, x\u00e1c th\u1ef1c Windows c\u0169ng kh\u00f4ng ho\u1ea1t \u0111\u1ed9ng v\u1edbi Application Load Balancer (ALB) ho\u1eb7c tr\u00ecnh l\u1eafng nghe HTTP v\u00e0 c\u1ea7n c\u00f3 LB c\u1ea5p TCP nh\u01b0 Network Load Balancer (NLB).th\u1ea9m quy\u1ec1n gi\u1ea3i quy\u1ebft<\/a>]. Ngo\u00e0i ra, Azure Application Gateway v2 kh\u00f4ng h\u1ed7 tr\u1ee3 vi\u1ec7c truy\u1ec1n ti\u00eau \u0111\u1ec1 HTTP bao g\u1ed3m x\u00e1c th\u1ef1c t\u00edch h\u1ee3p \u0111\u1ebfn ph\u1ea7n ph\u1ee5 tr\u1ee3.th\u1ea9m quy\u1ec1n gi\u1ea3i quy\u1ebft<\/a>].<\/p>\n\n\n\n

Th\u1ef1c t\u1ebf l\u00e0 n\u00f3 kh\u00f4ng \u0111\u01b0\u1ee3c h\u1ed7 tr\u1ee3 ch\u00ednh th\u1ee9c b\u1edfi c\u00e1c LB \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd c\u1ee7a t\u1eebng nh\u00e0 cung c\u1ea5p d\u1ecbch v\u1ee5 \u0111\u00e1m m\u00e2y cho th\u1ea5y kh\u00f3 kh\u0103n trong vi\u1ec7c duy tr\u00ec x\u00e1c th\u1ef1c Windows \u1edf c\u1ea5p L7.<\/p>\n\n\n\n

\u2461: B\u1ed9 c\u00e2n b\u1eb1ng t\u1ea3i L4 (chuy\u1ec3n ti\u1ebfp TLS) + chuy\u1ec3n ti\u1ebfp IIS<\/h3>\n\n\n\n

M\u00e1y kh\u00e1ch \u2500\u2500HTTPS\u2500\u2500\u25b6 B\u1ed9 c\u00e2n b\u1eb1ng t\u1ea3i L4 (chuy\u1ec3n ti\u1ebfp TLS) \u2500\u2500HTTPS\u2500\u2500\u25b6 IIS (443)<\/p>\n\n\n\n

Kh\u1ea3 d\u1ee5ng<\/strong><\/h4>\n\n\n\n

C\u1ea5u h\u00ecnh n\u00e0y s\u1eed d\u1ee5ng x\u00e1c th\u1ef1c Windows.T\u01b0\u01a1ng th\u00edch<\/span>l\u00e0.<\/p>\n\n\n\n

l\u00fd do<\/strong><\/h4>\n\n\n\n

V\u00ec b\u1ed9 c\u00e2n b\u1eb1ng t\u1ea3i L4 (LB ho\u1ea1t \u0111\u1ed9ng \u1edf L\u1edbp 4 c\u1ee7a OSI) chuy\u1ec3n ti\u1ebfp c\u00e1c g\u00f3i tin \u1edf c\u1ea5p TCP,Phi\u00ean TLS gi\u1eefa m\u00e1y kh\u00e1ch v\u00e0 IIS \u0111\u01b0\u1ee3c duy tr\u00ec t\u1eeb \u0111\u1ea7u \u0111\u1ebfn cu\u1ed1i<\/span>s\u1ebd \u0111\u01b0\u1ee3c th\u1ef1c hi\u1ec7n. B\u1ed9 c\u00e2n b\u1eb1ng t\u1ea3i kh\u00f4ng ch\u1ea5m d\u1ee9t m\u00e3 h\u00f3a m\u00e0 ch\u1ec9 ph\u00e2n ph\u1ed1i k\u1ebft n\u1ed1i TCP t\u1edbi t\u1eebng m\u00e1y ch\u1ee7, do \u0111\u00f3 "giao ti\u1ebfp tr\u00ean c\u00f9ng m\u1ed9t k\u1ebft n\u1ed1i TCP" theo y\u00eau c\u1ea7u x\u00e1c th\u1ef1c NTLM \u0111\u01b0\u1ee3c duy tr\u00ec. \u0110\u1ed1i v\u1edbi Kerberos, theo quan \u0111i\u1ec3m c\u1ee7a kh\u00e1ch h\u00e0ng, n\u00f3 c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c t\u00e1i t\u1ea1o nh\u01b0 th\u1ec3 kh\u00e1ch h\u00e0ng \u0111ang k\u1ebft n\u1ed1i tr\u1ef1c ti\u1ebfp \u0111\u1ebfn FQDN c\u1ee7a IIS (d\u1ecbch v\u1ee5), do \u0111\u00f3, mi\u1ec5n l\u00e0 SPN \u0111\u01b0\u1ee3c thi\u1ebft l\u1eadp ph\u00f9 h\u1ee3p, x\u00e1c th\u1ef1c d\u1ef1a tr\u00ean phi\u1ebfu s\u1ebd ti\u1ebfp t\u1ee5c di\u1ec5n ra nh\u01b0 b\u00ecnh th\u01b0\u1eddng. Ch\u1ebf \u0111\u1ed9 tr\u00ecnh l\u1eafng nghe LB TCP c\u1ed5 \u0111i\u1ec3n v\u00e0 AWS NLB, b\u1ed9 c\u00e2n b\u1eb1ng t\u1ea3i n\u1ed9i b\u1ed9 Azure, ch\u1ebf \u0111\u1ed9 F5 L4, v.v. thu\u1ed9c v\u1ec1 danh m\u1ee5c n\u00e0y (nh\u1eefng danh m\u1ee5c kh\u00e1c bao g\u1ed3m ch\u1ebf \u0111\u1ed9 HAProxy TCP v\u00e0 lu\u1ed3ng nginx) v\u00e0 c\u00f3 th\u1ec3 v\u01b0\u1ee3t qua x\u00e1c th\u1ef1c t\u00edch h\u1ee3p c\u1ee7a Windows.<\/p>\n\n\n\n

c\u00f4ng lao<\/strong><\/h4>\n\n\n\n

Phi\u00ean TLS kh\u00f4ng b\u1ecb gi\u00e1n \u0111o\u1ea1n t\u1eeb m\u00e1y kh\u00e1ch \u0111\u1ebfn m\u00e1y ch\u1ee7.C\u00e1c giao th\u1ee9c x\u00e1c th\u1ef1c c\u1ee7a Windows v\u1eabn ti\u1ebfp t\u1ee5c ho\u1ea1t \u0111\u1ed9ng nh\u01b0 b\u00ecnh th\u01b0\u1eddng<\/span>C\u00f3 th\u1ec3. Qu\u00e1 tr\u00ecnh b\u1eaft tay ba chi\u1ec1u NTLM c\u0169ng \u0111\u01b0\u1ee3c ho\u00e0n t\u1ea5t trong m\u1ed9t k\u1ebft n\u1ed1i duy nh\u1ea5t v\u00e0 phi\u1ebfu Kerberos \u0111\u01b0\u1ee3c m\u00e1y ch\u1ee7 ph\u1ee5 tr\u1ee3 nh\u1eadn ch\u00ednh x\u00e1c. Ngo\u00e0i ra, v\u00ec LB l\u00e0 ho\u1ea1t \u0111\u1ed9ng L4 n\u00ean c\u00f3 chi ph\u00ed th\u1ea5p v\u00e0 c\u00f3 th\u1ec3 \u0111\u1ea1t \u0111\u01b0\u1ee3c th\u00f4ng l\u01b0\u1ee3ng cao.<\/p>\n\n\n\n

\u0110i\u1ec3m tr\u1eeb<\/strong><\/h4>\n\n\n\n

Th\u00e1ch th\u1ee9c l\u1edbn nh\u1ea5t khi c\u1ea5u h\u00ecnh b\u1ed9 c\u00e2n b\u1eb1ng t\u1ea3i L4 l\u00e0 kh\u00f4ng th\u1ec3 th\u1ef1c hi\u1ec7n \u0111\u1ecbnh tuy\u1ebfn chi ti\u1ebft d\u1ef1a tr\u00ean \u0111\u01b0\u1eddng d\u1eabn ho\u1eb7c t\u00ean m\u00e1y ch\u1ee7. V\u00ed d\u1ee5, trong \u0111\u01b0\u1eddng d\u1eabn URL (v\u00ed d\u1ee5:\/api<\/code>,\/tr\u00f2 chuy\u1ec7n<\/code>Ph\u00e2n ph\u1ed1i t\u1eebng y\u00eau c\u1ea7u (ho\u1eb7c nhi\u1ec1u y\u00eau c\u1ea7u) \u0111\u1ebfn m\u1ed9t m\u00e1y ch\u1ee7 ph\u1ee5 tr\u1ee3 kh\u00e1c nhau l\u00e0 t\u00ednh n\u0103ng ch\u1ec9 c\u00f3 th\u1ec3 th\u1ef1c hi\u1ec7n \u0111\u01b0\u1ee3c v\u1edbi L7 (HTTP) v\u00e0 kh\u00f4ng th\u1ec3 th\u1ef1c hi\u1ec7n \u0111\u01b0\u1ee3c v\u1edbi L4 (TCP).<\/p>\n\n\n\n

Do \u0111\u00f3, t\u00f9y thu\u1ed9c v\u00e0o y\u00eau c\u1ea7u c\u1ee7a h\u1ec7 th\u1ed1ng, c\u00f3 th\u1ec3 c\u1ea7n ph\u1ea3i chu\u1ea9n b\u1ecb nhi\u1ec1u FQDN v\u00e0 ch\u1ec9 \u0111\u1ecbnh c\u00e1c m\u00e1y ch\u1ee7 \u1ea3o kh\u00e1c nhau cho c\u00e1c m\u1ee5c \u0111\u00edch kh\u00e1c nhau (m\u00e1y ch\u1ee7 web, m\u00e1y ch\u1ee7 x\u00e1c th\u1ef1c Windows, v.v.) trong b\u1ed9 c\u00e2n b\u1eb1ng t\u1ea3i, \u0111i\u1ec1u n\u00e0y c\u00f3 nh\u01b0\u1ee3c \u0111i\u1ec3m l\u00e0 l\u00e0m cho vi\u1ec7c c\u1ea5u h\u00ecnh tr\u1edf n\u00ean kh\u00f3 kh\u0103n h\u01a1n.<\/p>\n\n\n\n

\u0110\u1eb7c bi\u1ec7t, khi truy c\u1eadp trang x\u00e1c th\u1ef1c Windows b\u1eb1ng FQDN (t\u00ean mi\u1ec1n \u0111\u1ee7 \u0111i\u1ec1u ki\u1ec7n), \u0110\u0103ng k\u00fd SPN<\/a> kh\u00e1 ph\u1ee9c t\u1ea1p, v\u00ec v\u1eady h\u00e3y xem b\u00ean d\u01b0\u1edbi.<\/p>\n\n\n

\t\t\t
\n\t\t\t\t
\n\t\t\t\t\tH\u1ed9i th\u1ea3o tr\u00ean web Tr\u00f2 chuy\u1ec7n & Messenger<\/span>\n\t\t\t\t\t
\"\"<\/figure><\/div>\t\t\t\t\t
\n\t\t\t\t\t\tThi\u1ebft l\u1eadp IIS \u0111\u1ec3 x\u00e1c th\u1ef1c Windows t\u00edch h\u1ee3p IIS th\u00e0nh c\u00f4ng trong m\u00f4i tr\u01b0\u1eddng c\u00e2n b\u1eb1ng t\u1ea3i L4 | H\u1ed9i ngh\u1ecb truy\u1ec1n h\u00ecnh Chat&Messenger<\/a>\n\t\t\t\t\t\tT\u1ed5ng quan B\u00e0i vi\u1ebft sau \u0111\u00e2y gi\u1ea3i th\u00edch c\u00e1ch c\u1ea5u h\u00ecnh X\u00e1c th\u1ef1c Windows t\u00edch h\u1ee3p (IWA) trong IIS trong m\u00f4i tr\u01b0\u1eddng c\u00e2n b\u1eb1ng t\u1ea3i L4 + ch\u1ea5m d\u1ee9t SSL. Ph\u01b0\u01a1ng ph\u00e1p n\u00e0y\u2026<\/span>\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t<\/div>\n\n\n

Ngo\u00e0i ra, xin l\u01b0u \u00fd r\u1eb1ng c\u00e1c thi\u1ebft l\u1eadp sau \u0111\u00e2y l\u00e0 b\u1eaft bu\u1ed9c \u0111\u1ec3 x\u00e1c th\u1ef1c Windows \u0111\u1ec1u thi\u1ebft l\u1eadp FQDN c\u1ee7a b\u1ed9 c\u00e2n b\u1eb1ng t\u1ea3i.<\/p>\n\n\n\n