Re: Test internet servers with SSL client authentication

From: Michel Gallant (neutron_at_istar.ca)
Date: 03/26/05 

Date: Sat, 26 Mar 2005 08:48:39 -0500

I have already done this:
  IIS 5 + self-signed CA cert, imported into LM cert store and root imported into LM trusted CA certs
Works fine as https://localhost using IE6 and raises "select a client certificate" dialog

The problem is that using .NET 1.1 console application raises a Security not allowed
exception ... and I was wondering about IIS 5 implemention of SSL handshake.
(I saw come comments about IIS 5 using SSL 2 versus 3??)

So I wanted to verify the problem with a different SSL server implementation separate
from the client machine.

Thanks,
 - Mitch

"Marco van Nieuwenhoven" <MarcovanNieuwenhoven@discussions.microsoft.com> wrote in message
news:A5795E65-F3FB-4287-B5A1-C23FB094E8A6@microsoft.com...
> Why not make your own server with a Certificate Authority (CA) and make a
> self-signed certificate. With that you can generate any certificate for any
> purpose you want as long as you put the main CA certificate in your own
> "Trusted CA certificate store"
>
> grtx,
> Marco van Nieuwenhoven.
>
> "Michel Gallant" wrote:
> > Can someone point me to an SSL server on the Internet
> > using client-cert authentication .. for test purposes?
> > - Mitch
> >
> >
> >

Relevant Pages

  • Trusted CA question
    ... I'm new to this certificate game so bear with me here: ... IIS box and named it 'www'. ... certificate services on the IIS box (at which point it issued it's own 'root ... CA' cert to itself, or so I've managed to ascertain) and then browsed to my ...
    (microsoft.public.win2000.security)
  • Re: SSL Certificate Cached?
    ... Have you try to remove the cert from IIS MMC? ... Try remove all certs then import the new cert using this method. ... How to Import a Server Certificate for Use in Internet Information Services ...
    (microsoft.public.inetserver.iis.security)
  • Re: IIS 5.1 SSL Cetificate Missing
    ... To view certs that IIS can use you need to manually run MMC, add the Certificates snapin, point it to the Machine account, and then look in the Personal Certificate Store. ... If you want a certificate from that CA, then there's no need to join a domain and auto-enroll. ... Run through the wizard in IIS to create a certificate request file, or generate your own using certreq.exe. ... After issueing your cert, install it onto the IIS website on your XP box. ...
    (microsoft.public.inetserver.iis.security)
  • Re: SSL Certificate on OWA server
    ... Just treat the IIS ... Take that cert text ... > the certificate no problem but then the certificate does not match the ... If I try to issue it to the alias then cert ...
    (microsoft.public.exchange.clients)
  • Re: certificate based web call fails under iis (urgent!)
    ... in order to get this to work (summary: Certificate based security ... calling web service from within a web service - only broken under IIS ... install cert in local machine certificate store ... IIS *please contact me*!! ...
    (microsoft.public.dotnet.framework.aspnet)