Re: PKI Problem

From: Ohaya (Ohaya_at_NO_SPAM.cox.net)
Date: 04/02/04 

Date: Thu, 1 Apr 2004 21:05:33 -0500

Alvey,

Not sure about this one, but a couple of things:

1) Do you have "Allow Anonymous" checkbox enabled, and the 3 (I think)
checkboxes (e.g., Basic Authentication, etc.) at the bottom of the same
window unchecked?

2) You might try installing SSLDiag, then configure the website for "require
client authentication", then run SSLDiag, and see if SSLDiag shows any
errors (red exclamation marks).

Jim

"Alvey" <alveyrw@kpt.nuwc.navy.mil> wrote in message
news:14F646C8-27BB-4ED1-BB34-3BCD8D857911@microsoft.com...
> I've got a Win 2000 server set up with IIS 5.0. The web site run by the
server I need to configure so that client certificates are required to
connect. However, whenever I set that option, IIS will freeze whenever
someone attempts to connect. If I set it to "Ignore Client Certificates"
everything works fine and normal. So far I haven't been able to generate
any kind of error through IIS or on the basic Event logs (although I did
generate a 1202 SCECLI event once, but I fixed that easily enough), IIS just
freezes with no warning. Fortunately all I have to do to fix the problem is
just stop IIS, change it back to Ignore client certificates, and start it
again, but I still need to make it PKI certs required.
>
> I've sniffed the traffic, and it seems like everything works fine from
that end, only no applicate (web page) data is ever passed.

Relevant Pages

  • RE: OMA Error 1503
    ... Basic Authentication is the only checkbox selected for the OMA VD. ... Re-run the CEICW on your SBS box and ensure Outlook Mobile Access is ... Install MBExplorer by installing IIS 6 Resource Kit Tools: ... This newsgroup only focuses on SBS technical issues. ...
    (microsoft.public.windows.server.sbs)
  • Re: Detailed description of Crypto API changes in MS04-011 available??
    ... > this authentication since 2001 I would like to know if there's> a detailed description of Crypto API changes which came with> the patch MS04-011 (especially the changes related to clients> certificates and CRL checking). ... > - Before this patch client certificates with a faulty CDP> were NOT seen as revoked from IIS 5!! ... Here's "How to use the Windows Server 2003 version of the ...
    (microsoft.public.platformsdk.security)
  • RE: Newbie question: Basic auth works, Chall/Resp fails?
    ... Subject: Newbie question: Basic auth works, Chall/Resp fails? ... patched up to date and IIS 4. ... I'm not worried about the clear text issue that Basic authentication ... > account domain and normally authenticates against ...
    (microsoft.public.inetserver.iis.security)
  • Re: Passing credentials
    ... > I have two web sites on the same IIS ... > server. ... Site B is set with 'Basic Authentication' mode. ... Tom Kaminski IIS MVP ...
    (microsoft.public.inetserver.iis.security)
  • Re: IIS With Basic Authentication Set/FormsAuthentication - HELP PLS!?
    ... IIS does... ... When you use Forms authentication you have to set IIS to Anonymous ... > Basic Authentication set. ... > again, trying to avoid the browser prompt, and add the authentication to ...
    (microsoft.public.dotnet.security)