RE: Implementing SSL on IIS5
From: Lisa Cozzens [MSFT] (lcozzens@online.microsoft.com)
Date: 12/21/02
- Next message: BB: "Re: IIS permissions"
- Previous message: Lisa Cozzens [MSFT]: "RE: IIS Authentication Dialog prompt limit?"
- In reply to: Laboratorio Fiap: "Implementing SSL on IIS5"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: lcozzens@online.microsoft.com (Lisa Cozzens [MSFT]) Date: Fri, 20 Dec 2002 23:27:04 GMT
Hi Leonardo,
You probably don't need client certificates at all. The main purpose of SSL
is to authenticate the server to the clients. If you're about to send your
credit card number to www.mycompany.com, you want to be sure that you're
actually sending that number to www.mycompany.com, and not to
www.evilhacker.com. SSL provides just this sort of assurance, as well as
encrypting traffic between client and server. If you have run through the
Server Certificate Wizard, you have this sort of authentication/encryption
set up already.
As the name suggests, client certificates authenticate clients to the
server. These are only useful in a few very specific cases. Unless you know
that you have a need for client certificates, you probably don't, and you
should leave the client certificate setting at "Ignore Client Certificates."
This is an excellent article that gives step-by-step instructions for
setting up SSL:
Q299525 HOWTO: Set Up SSL Using IIS 5.0 and Certificate Server 2.0
http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q299525
Hope this helps,
Lisa
--------------------
> From: "Laboratorio Fiap" <lab@fiap.com.br>
> Subject: Implementing SSL on IIS5
> Date: Thu, 19 Dec 2002 17:53:50 -0200
> Lines: 17
> X-Priority: 3
> X-MSMail-Priority: Normal
> X-Newsreader: Microsoft Outlook Express 6.00.2800.1106
> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
> Message-ID: <eV560g5pCHA.1888@TK2MSFTNGP09>
> Newsgroups: microsoft.public.inetserver.iis.security
> NNTP-Posting-Host: 200-171-2-141.customer.telesp.net.br 200.171.2.141
> Path: cpmsftngxa09!TK2MSFTNGP08!TK2MSFTNGP09
> Xref: cpmsftngxa09 microsoft.public.inetserver.iis.security:13817
> X-Tomcat-NG: microsoft.public.inetserver.iis.security
>
> Well, I'd like to to if is there any way to secure a Virtual Server using
> SSL.
> The problem is, I can only accept the client to browse the page if only
the
> client has the right certificate. I've already used that option "REQUIRE
> CLIENT CERTIFICATES" but it didn't work..., when I try to open it, I
receive
> a "403.7 Forbidden: Client certificate required " error. The question is,
> which certificate am I supposed to use???...., I exported the Visrtual
> Server ' certificate, installed on the client, but it doesn't work..
>
> Hope u can help me, pls!!!
>
> Thanks.
> Leonardo
> FIAP
> leonardo@fiap.com.br
>
>
>
-----
Please do not send email directly to this alias. This is an online
account name for newsgroup participation only.
This posting is provided "AS IS" with no warranties, and confers
no rights. You assume all risk for your use.
© 2002 Microsoft Corporation. All rights reserved.
- Next message: BB: "Re: IIS permissions"
- Previous message: Lisa Cozzens [MSFT]: "RE: IIS Authentication Dialog prompt limit?"
- In reply to: Laboratorio Fiap: "Implementing SSL on IIS5"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
