Win2k Cert Server

From: Avi Drabkin (
Date: 07/15/02

From: (Avi Drabkin)
Date: 15 Jul 2002 11:31:57 -0700

Has anyone here played around with the Win2k Cert server? We're trying
to set up secure web services where we control exactly who comes in to
our website, by issuing our own Certificates.
Here's my scenario:
Machine 1: Certserver
Machine 2: IIS Server
Machine 3: Client
I have successfully issued an SSL cert to Machine 2 from Machine 1. I
have also downloaded and installed the Certification Path, as well as
the server revocation list on Machine 2. My Certserver shows up in the
list of Trusted Certificate Authorities on Machine 2.
I am able to go to machine 2 via SSL, when I look at the cert,
everything is peachy.
Using Machine 3, I get a Client Cert from Machine 1. Verify that it
has installed properly.
On Machine 2, I enable Require SSL, and Require Client Cert. I even
export Machine 3's Client cert, and add it to the 1 to 1 Cert Mapping
to the Administrator account.
On Machine 3, whenever I go to the ssl site, it says "This Page
requires a client Certificate"
all machines are on a local LAN.... all machines are on separate
domains, but I don't think that should matter... should it?...

Any insight would be great!
Please send responses to


Relevant Pages

  • Re: Loss of Webmail after renewing our Certificate
    ... Nothing to abnormal in the event logs. ... If you deselect the "require SSL" box, ... there a method to uninstall a cert and reinstall or anything like ... I'd take a look at the server and make sure that the cert was ...
  • RE: IIS Key pairs (how to export an IIS 4.0 self-issued Root CA a nd import into new IIS 4.0 box)
    ... it prompts the user for what client cert they want to use to connect to the ... it issues client certificates to the end users. ... Step I - Installing the New Server ... Install NT SP 3 ONLY ...
  • Re: http_403 error, but not for everyone
    ... As far as the SSL cert is concerned, as I stated I can login successfully ... > - if the server you connect to is not a frontend exchange server see this ... The server is setup SSL, ...
  • SSL Cert and EAS
    ... I have just purchased a godaddy SSL cert for my WM5.0 AKU2 device and I ... The security certifcate on the server is invalid. ... Administrator or ISP to install a valid certificate on the server. ...
  • Re: Windows 2003 sbs : multiple webs & SSL
    ... You can get them to install the cert though. ... > instance) and install it on the server. ... Forgetting about SSL for a moment, you CAN have different websites on ...