Re: SSL and Client Authentication
From: arijan (arijan00_at_gmail.com)
Date: 10/17/05
- Previous message: Ken Schaefer: "Re: limiting access to files with asp.net"
- In reply to: David Wang [Msft]: "Re: SSL and Client Authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 17 Oct 2005 00:26:49 -0700
Thanky for your replay
Well I dont have problems with SSL encryption
I am having problems with authentication
This are the steps that I take to acomplish this
Three machines web(2k3) stand alone CA(2k3) and client(XP)
After I am succsesfully doing MY SSL on a WEB I try to tighten my
security by acomplishing Authentication with Certifications
First I go on my client and I do a browser request from a CA,
After issuing a cert. I go back on my client broswer and I click
install ( where I verify that this certification was installed
correctly on my IE).
Then I go on my CA and copy this browser cleint certification and I
trasportit to my web server
On MY Web server IIS I map this certification with local acount. Than
I move all other forms of authentications and I click request client
cert.
NO succsess
But when I have web server and CA on the same machine I dont have
anyproblems
Thanks for your help David
Kind regards
Arijan
David Wang [Msft] wrote:
> I have no idea what you are trying to accomplish, especially the following:
> > I am requesting web cert. from CA , and then I am installing it,
> > and then from another Comp. running XP I am trying to request
> > Client cert. where I install this cert, and I go and map this cert on
> > IIS to local computer acount (Workgoup)
>
> It definitely does not sound like the right way to do client certificates.
> You never install and request the same certificate - only one identity is
> supposed to own a certificate.
>
> It is working in the case where the CA and web page are on the same machine
> because you managed to install it already. It sounds like you are failing to
> install the client certificate on the XP machine hence it cannot be selected
> for use. If so, that has nothing to do with IIS nor security; please look up
> how to assign certificates to users in normal Windows documentation.
>
> Now, SSL has nothing to do with Client Certificates. One is encryption, and
> the other is authentication. In particular you do not need Client
> Certificates to do SSL.
>
> --
> //David
> IIS
> http://blogs.msdn.com/David.Wang
> This posting is provided "AS IS" with no warranties, and confers no rights.
> //
> "arijan" <arijan00@gmail.com> wrote in message
> news:1129275964.734296.305080@z14g2000cwz.googlegroups.com...
> I have two machines with 2k3, I one I setup Stand-alone CA and in the
> other one WEB page,
> I am requesting web cert. from CA , and then I am installing it, and
> then from another Comp. running XP I am trying to request Client cert.
> where I install this cert, and I go and map this cert on IIS to local
> computer acount (Workgoup)
> BUT This is not working I cant access my web
> But when I have A web page and CA on the same machine I dont have
> problems,I can use Client cert with no problems
> I been searching for solutions for more thane a month but nothing
> Anybody any idea
- Previous message: Ken Schaefer: "Re: limiting access to files with asp.net"
- In reply to: David Wang [Msft]: "Re: SSL and Client Authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
