Disable or Control certificate auto-import?
- From: "Don Thimsen" <dthimsenospam@xxxxxxxxx>
- Date: Wed, 13 Dec 2006 19:20:06 -0500
I'm working with an IIS 6.0 website running on Windows 2003 Server.
It's normally used as an internal website, but we now have a small group
of geographically disperse external users that require access. VPN isn't
practical in this situation, so I though I'd try SSL.
I first tried using SelfSSL and then Requiring SSL connections. The idea
being
that I could export the certificate, and then get both internal and external
users to
manually add the pfx file using the password I used during the certificate
creation.
This worked like I wanted until I realized users can "Continue to this
website
(not recommended) and get to the site anyway. Can the IIS configuration be
setup
to disable auto-import for browsers (which I doubt), or is there a way a
"server"
certifcate can force a password prompt during the auto-imported? For
example,
certifcates from a real CA have more capabilities?
I'm obviously new to this, and have also read about requiring client
certificates
in IIS, but don't really understand how they could be easily implemented in
our
environment.
Any suggestion?
TIA,
Don
.
- Follow-Ups:
- Re: Disable or Control certificate auto-import?
- From: Miha Pihler [MVP]
- Re: Disable or Control certificate auto-import?
- Prev by Date: how to use TSL with ASP.NET ?
- Next by Date: Re: IIS7 with multiple web sites - Windows Auth only working on localhost
- Previous by thread: how to use TSL with ASP.NET ?
- Next by thread: Re: Disable or Control certificate auto-import?
- Index(es):
Relevant Pages
|
