Re: Revoked Client Cert caused other SSL page to show 403.13 error
From: ChoiHanChoong (hcchoi_at_drstudio.com)
Date: 07/01/03
- Next message: Ken Schaefer: "Re: how to address to secure page?"
- Previous message: Ken Schaefer: "Re: IIS 5.0 NT Authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 01 Jul 2003 10:20:24 +0800
Hi,
The Directory security configuration for my web site and other vdirs are
- Unchecked "require secure channel"
- Selected "ignore client certificates"
The Directory security configuration for /cert folder that is in this
web site are
- Checked "require secure certificates"
- Selected "require client certificates"
It seems that once I access the /cert folder with a revoked client
certificate, all SSL protocol on my web site uses this revoked
credential which cause the 403.13 error page to appear. By the way, I am
using IE6 to test the site and webserver is IIS5 on W2K SP3.
I will try out the tool you mentioned.
Thanks.
Chris Adams wrote:
> Hey ~
>
> What are the other site\vdirs\dirs set for? Are they set to "ignore client
> certificates"? If they are NOT, then even if set to accept or require it
> will deny them. A bad cert based on CRL will fail on accept or require.
>
> I would recommend that you find a post I made on the 16th for SSL
> Diagnostics - Beta 2 to check your configuration. This tool will find the
> inconsistenies (sp?) with your config...
>
> If you have trouble finding this tool, email ssldiag@microsoft.com.
>
> Thanks and HTH,
>
- Next message: Ken Schaefer: "Re: how to address to secure page?"
- Previous message: Ken Schaefer: "Re: IIS 5.0 NT Authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
