IIS 5.0 certificate mapping with W2003 standalone CA

From: Peter Post (Post_at_discussions.microsoft.com)
Date: 05/12/05 

Date: Wed, 11 May 2005 23:29:25 -0700

Background:
The business requires SSL client authentication. At IIS level we want to use
certificate mapping. Currently there is an extranet domain (W2k) with IIS 5.0
servers and two domain controllers. At the moment there is no PKI in place.
In the near future there are plans to remove this extranet domain and migrate
to an new domain. Because of this we want to use a Windows 2003 standalone CA
in workgroup mode so we can keep using this CA after migration.

Question:
Is it possible that the 2003 standalone CA can publish the issued
certifcates to active directory so IIS certificate mapping can be used?

TIA

Relevant Pages

  • RE: IIS Client Certificate Mapping and Windows 2000 Delegation to SQL
    ... AD certificate mapping may not work for delegation. ... Only the IIS ... >Windows authentication) using the credentials mapped to their certificate. ...
    (microsoft.public.inetserver.iis.security)
  • problem accesing Active Directory from an ASP.NET App when user has been authenticated via AD certif
    ... I am developing an ASP.NET web application which interacts with AD. Client/User authentication must be done via AD certificate mapping, so I have configured IIS to do UPN mapping: ... Since certificate mapping is donde ok, I suppose the web application is running under the user account credentials...and the user account has got the required permissions to do the operation, but AD server does not permit to do the operation. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: IIS and Certificate User Mapping
    ... Is this IIS certificate mapping or certificate mapping using the AD ... What happens if you set IIS with require cert instead of accept? ... be possible that basic auth is attempted before SSL client auth? ...
    (microsoft.public.windows.server.security)
Quantcast