Re: SSL and certificates

From: Thomas Møller Jensen (NEWS_at_tmj.dk)
Date: 12/10/03

Next message: Chris Jackson: "Re: ASPNET User ID - Newbie ?'s, apologies"
Previous message: Eric Larsen: "Re: Redirect to default page using Windows Authentication"
In reply to: Kevin: "SSL and certificates"
Next in thread: Alun Jones [MS MVP]: "Re: SSL and certificates"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 10 Dec 2003 09:19:13 -0800

You only need a server certificate for having users authenticate securely
with forms authentication over a SSL encrypted connection. In this scenario
the users are authenticated using their username and password, submitted to
the server over SSL.

Client certificates is not used for securing the connection between client
and server, but only to authenticate users. In this kind of scenario the
users does not submit their username/password for authentication, but
instead uses their client certificate to authenticate.

-- 
----
Regards TMJ
--------
"Kevin" <anonymous@discussions.microsoft.com> wrote in message
news:0f7f01c3be60$fe7193e0$a301280a@phx.gbl...
> Are client certificates necessary for SSL or just server
> certificates?
>
> The Microsoft help for setting up SSL takes you through
> creating a server root certificate and another server
> certificate and then installing each on all of the
> clients.  But other documentation that I have read
> suggests that SSL only needs server certificates and that
> client certificates are only needed for certificate
> authentication.  I want to use forms authentication and
> don't won't to force our customers to deploy client
> certificates if they don't have too.

Next message: Chris Jackson: "Re: ASPNET User ID - Newbie ?'s, apologies"
Previous message: Eric Larsen: "Re: Redirect to default page using Windows Authentication"
In reply to: Kevin: "SSL and certificates"
Next in thread: Alun Jones [MS MVP]: "Re: SSL and certificates"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Mixed Mode Authentication in .net 2.0
... There are two parts to SSL, which is why this can be confusing. ... encryption and authentication of the server. ... ADFS supports a component called the federation service proxy which is ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: OWA 2003 w/ Smart Card Authentication.
... Whether or not authentication will succeed is completely dictated by IIS ... how SSL certificate auth handshake happens. ... FE servers must be Windows Server 2003. ... Server's SSL certificate must be configured on root of v-server via the ...
(microsoft.public.exchange.connectivity)
Re: OWA 2003 w/ Smart Card Authentication.
... Whether or not authentication will succeed is completely dictated by ... how SSL certificate auth handshake happens. ... FE servers must be Windows Server 2003. ... Server's SSL certificate must be configured on root of v-server via the ...
(microsoft.public.exchange.connectivity)
Re: OWA 2003 w/ Smart Card Authentication.
... Whether or not authentication will succeed is completely dictated by ... how SSL certificate auth handshake happens. ... FE servers must be Windows Server 2003. ... Server's SSL certificate must be configured on root of v-server via ...
(microsoft.public.exchange.connectivity)
Re: OWA 2003 w/ Smart Card Authentication.
... Exchange 2003 server via ActivSync. ... the IIS certificate. ... Whether or not authentication will succeed is completely dictated by ... Server's SSL certificate must be configured on root of v-server via ...
(microsoft.public.exchange.connectivity)