Welcome to HostingForumz.com!
FAQFAQ      ProfileProfile    Private MessagesPrivate Messages   Log inLog in

Forcing a 2-way SSL

  
   Web Hosting Problem Solving Community! (Home) -> IIS RSS
Next:  Multi-session on IIS  
Author Message
user785

External


Since: Sep 15, 2003
Posts: 1



(Msg. 1) Posted: Mon Sep 15, 2003 2:40 pm
Post subject: Forcing a 2-way SSL
Archived from groups: microsoft>public>inetserver>iis (more info?)
Hi,
I have a problem that the server (servlet or ASP-page) needs the client
certificate in order to do a proper verification of the client.

If the server could force the setup of a 2-way SSL, the client-browser
would prompt the user with a "choose certificate" dialog (preferably
only those that the server could validate). That would result in the
client-certificate being included in the request-object and could be
picked out / verified by the server.

Anyone who knows if this is possible, and how to do it?

I know this is possible with Apache, so I could probably have an Apache
front-end that could do this (and re-directing to the IIS), but that is
not very elegant.

Regards, Erik

 >> Stay informed about: Forcing a 2-way SSL 
Back to top
Login to vote
ddietz

External


Since: Aug 28, 2003
Posts: 8



(Msg. 2) Posted: Tue Sep 16, 2003 12:43 am
Post subject: RE: Forcing a 2-way SSL [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
Erik,

This is part of the basic functionality of IIS and SSL.

On the Secure Communications page where you tell IIS to 'Require Secure
Channel' there is an option to 'Require Client Certificate'.

If you click the radio button to require a client certificate it should
almost exactly as you describe.

Hope this helps.

David Dietz -- IIS Support Professional
Search our online Knowledge Base
http://support.microsoft.com/support/

This posting is provided “AS IS” with no warranties, and confers no rights.
You assume all risk for your use. © 2001 Microsoft Corporation. All rights
reserved

--------------------
|>Message-ID: <3F658915.1080702.TakeThisOut@ergo.no>
|>Date: Mon, 15 Sep 2003 11:40:37 +0200
|>From: Erik Ruud <erik.ruud.TakeThisOut@ergo.no>
|>User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.1)
Gecko/20020823 Netscape/7.0
|>X-Accept-Language: en-us, en
|>MIME-Version: 1.0
|>Subject: Forcing a 2-way SSL
|>Content-Type: text/plain; charset=us-ascii; format=flowed
|>Content-Transfer-Encoding: 7bit
|>Newsgroups: microsoft.public.inetserver.iis
|>NNTP-Posting-Host: pc6-199.sds.no 139.105.6.199
|>Lines: 1
|>Path:
cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP08
phx.gbl!TK2MSFTNGP09.phx.gbl
|>Xref: cpmsftngxa07.phx.gbl microsoft.public.inetserver.iis:275148
|>X-Tomcat-NG: microsoft.public.inetserver.iis
|>
|>Hi,
|>I have a problem that the server (servlet or ASP-page) needs the client
|>certificate in order to do a proper verification of the client.
|>
|>If the server could force the setup of a 2-way SSL, the client-browser
|>would prompt the user with a "choose certificate" dialog (preferably
|>only those that the server could validate). That would result in the
|>client-certificate being included in the request-object and could be
|>picked out / verified by the server.
|>
|>Anyone who knows if this is possible, and how to do it?
|>
|>I know this is possible with Apache, so I could probably have an Apache
|>front-end that could do this (and re-directing to the IIS), but that is
|>not very elegant.
|>
|>Regards, Erik
|>
|>

 >> Stay informed about: Forcing a 2-way SSL 
Back to top
Login to vote
Display posts from previous:   
   Web Hosting Problem Solving Community! (Home) -> IIS All times are: Pacific Time (US & Canada) (change)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



[ Contact us | Terms of Service/Privacy Policy ]