Restrict website access based on certificate

jetpoet_at_yahoo.com
Date: 10/29/03


Date: 29 Oct 2003 01:28:15 -0800

Hi all!

I would like to know how I can restrict access to a specific website
or subdirectory in a website based on certificates.

I have a webbased administration interface for a website that I
administer. This is in a subdirectory on the webserver. This
subdirectory has restricted access based on IP addresses and
passwords, but unfortunately I also have people that need access to
this who are on dynamic IP addresses.

So I would like to just have them install a certificate on their
client machine and have this be the authentication. I am not sure if I
can issue a personal certificate to each client so I can "turn off"
certain clients if I want to.

I am not interested in these certificates being authenticated or
issued by somebody like Verisign. I just want to issue them myself.

What would I need for this scenario? I have a Windows 2003 server
where this runs. The application is programmed in C# and ASP.NET.

I would need to install a Certificate Server on the webserver to issue
certificates, that much I know. But how do I configure IIS to request
the certificates from the clients.

What are the security implications with this approach as opposed to
the IP filter?

All the best, and thank you in advance for your time.

Pete



Relevant Pages

  • Re: Proposal for a new PKI model (At least I hope its new)
    ... SSL domain name certificates proove nothing about who you are ... ... That is where the public key registration comes in ... ... clients visiting the website can be ...
    (sci.crypt)
  • Re: Copyright question
    ... I have collected a number of certificates and various other ... documents that I would like to include in my new website. ... Oh yes just read section 8d bit about placing on internet, ... limited capacity I can include the certs. ...
    (soc.genealogy.britain)
  • Re: de Guise: the sham continues
    ... Guise - despite the fact that he was neither Duke of Lorraine nor Head ... published the family certificates showing his name was Pierre Marie, ... certificates to show that his name was Sarin, not Claude. ... long it takes for his website to be further amended - you are reading, ...
    (rec.heraldry)
  • Re: Copyright question
    ... I have collected a number of certificates and various other documents that I would like to include in my new website. ... I have read on another goverment site which I can't find at the moment that you are allowed to share certificates for private family use. ... within works of genealogical research undertaken by or on behalf of the family concerned where the work in question will be given limited distribution only. ... However if I just pass my research around in a limited capacity I can include the certs. ...
    (soc.genealogy.britain)
  • Re: Copyright question
    ... I have collected a number of certificates and various other ... documents that I would like to include in my new website. ... Oh yes just read section 8d bit about placing on internet, ... in a members only section of the site that you could argue that that is not ...
    (soc.genealogy.britain)