Category Archives: .Net

How does HTTPS works?

How does HTTPS works?

  1. Client request for secure Https  page.
  2. Web server respond by sending certificate with public key.
  3. Client checks the validity of the certificate and create a symmetric session key using the public key and sends it back to Web serer.
  4. Web server decrypt the symmetric session key using it’s private key and sends page encrypted using the symmetric session key.
  5. Secure session has now been established between Client browser & Web server.


HTTPS pages typically use one of two secure protocols to encrypt communications – SSL (Secure Sockets Layer) or TLS (Transport Layer Security). Both the TLS and SSL protocols use what is known as an ‘asymmetric’ Public Key Infrastructure (PKI) system. An asymmetric system uses two ‘keys’ to encrypt communications, a ‘public’ key and a ‘private’ key. Anything encrypted with the public key can only be decrypted by the private key and vice-versa.

The ‘private’ key should be kept strictly protected and should only be accessible the owner of the private key. In the case of a website, the private key remains securely ensconced on the web server. Conversely, the public key is intended to be distributed to anybody and everybody that needs to be able to decrypt information that was encrypted with the private key.



Leave a comment

Filed under .Net, ASP.Net, C#, WCF

What does cherry-picking a commit with git means?

Cherry picking in git means to choose a commit from one branch and apply it onto another.

This is in contrast with other ways such as merge and rebase which normally applies many commits onto a another branch.

Make sure you are on the branch you want apply the commit to.

git checkout master

Execute the following:

git cherry-pick

What does cherry-picking a commit with git means?

Leave a comment

Filed under .Net

Imp Terms
IIS is the most popular ASP.Net web server provided by Micrsoft.

Worker Process: All application runs under the scope of Worker Process (w3wp.exe), which act as application boundary. When a request comes to the server from a client worker process is responsible to generate the request and response.

Application pool:
Application Pool is the container of worker process. An app pool can have multiple worker process that share same configuration, by default there is only one worker process per app pool. A server can have multiple App pool for different application.
eg: an enterprise organization might place its human resources Web site and its finance Web site on the same server, but in different application pools.

Application Pool with multiple Worker process is “Web Garden“.

Now the request handling by IIS is divided into two stages:
Kernal Mode
User Mode

1) In Kernal level, the request received by IIS is handled by HTTP.SYS, which identify the App pool to process the request.

2) In User Level, we have Web Admin Services (WAS) which takes the request from HTTP.SYS and pass it to App pool.

3) When App pool rceive the request it simply passes the request to the worker process (w3wp.exe) which looks up the URL of request to load the correct ISAPI extension.
ISAPI extensions are the IIS way to handle requests for different resources. Once ASP.NET is installed, it installs its own ISAPI extension (aspnet_isapi.dll) and adds the mapping into IIS.

4) When wp loads the aspnet_iisapi.dll, it starts the HttpRuntime, which is the entry point of your application.

5) HttpRuntime calls the ProcessRequest method to start processing
HttpRuntime.ProcessRequest(HttpWorkerRequest wr)
It creates the instance of HttpContext which provide access to all it’s properties like Request, Response, Session using HttpContext.Current properties.

6) Then HttpRuntime loads HttpApplication object


Leave a comment

Filed under .Net

Encoding vs Encryption

First Similarities:
1) They both transform data into different format.
2) They both are reversible (unlike Hashing).


1) to transform data it uses a scheme that is publicly available
2) don’t require any key to transform, just algorithm & the same is used to decode it.
eg: ASCII, Unicode, Base64

1) to transform data it uses the way that only specific user can reverse it.
2) it uses key with plaintext & algorithm to encrypt and the ciphertext, algorithm & key is used to decrypt it.
eg: AES, RSA


Leave a comment

Filed under .Net

Difference between “==” and Equals() methods?

Value Type:- “==” & Equal() method usually compare object by value.

Reference Type:- “==” compares whether both the reference point to same object.
Equal() returns true if value at reference point to the object are equivalent.

there is an exception here for string that “==” compares value rather then object identity.

In the below example:- for value type is obvious, but for reference types s1 & s2 are different objects so it will return false where as both of objects are equivalent so it will return true.
















1 Comment

Filed under .Net, C#

Why do we need Constructor for abstract class?

Yes we can have constructor in Abstract class (though we can’t still create object of abstract class).
Because :- this way you can instantiate the data in abstract class.
And inherited classes can call the base constructor.

public abstract class A{
private string data;
protected A(string myString){
data = myString;

public class B : A {

B(string myString) : base(mystring){}

NOTE:- As you can’t override constructor, so we can’t have abstract constructor.

Leave a comment

Filed under .Net, C#

Abstract method vs Virtual method

Abstract method Virtual method
1) Abstract method doesn’t have any body defined. 1) Virtual method have their body defined otherwise it will give compile-time error message “<VirtualMethod()> must declare body because it is not defined abstract, extern, or partial.
2) Mandatory to implement them. 2) Not mandatory to override them.
3) They can be defined in abstract classes only. 3) They can be defined in any instance class.

Leave a comment

Filed under .Net, C#