Need a HOW TO create a client certificate for partner access

From: Serge Ayotte (sergea_at_groupesci.com)
Date: 08/17/05


Date: Wed, 17 Aug 2005 16:12:31 -0400


Hello to all... If the following is part of a white paper or other
'net resource, please direct me to it... After many trial on Google, I
can't seem to hit the right word combination :)
Never having touch (for not needing it) certificate/pki, I am a bit
lost now...

I need to secure a SharePoint Portal Server site that will be access
from the "outside" of the network (this SPS is running on a member
server of a SBS2K3 domain). I already have SSL and permit only that,
but I was asked to look into a "stronger" method of making sure that
the people accessing it are allowed.
Aside from user/password I immediately thought that a client
certificate would be the way to go, but now I am a bit lost in all the
information I got from MS and Technet about client certificate.

To give a certificate to someone to import on his computer, do I HAVE
to have him connect to a Certificate server site for that? Isn't there
a way for me to be able to generate the certificate and send it to the
"outside partner" I want to give access to the site?

If I am correct, I could then associate the certificate to a login
account, so in a way having a double security level (i.e.
username/password not enough to access, or only the certificate not
enough also).

Thank you in advance for any and all hints, tips, trick and direction
you will provide... Very much appreciated in advance!

Serge
-------------------------------------
Serge Ayotte
Systems Administrator



Relevant Pages

  • RE: Need a HOW TO create a client certificate for partner access
    ... "Serge Ayotte" wrote: ... > I need to secure a SharePoint Portal Server site that will be access ... > information I got from MS and Technet about client certificate. ...
    (microsoft.public.windows.server.security)
  • Re: Active Directory Federation Services
    ... How do I get a Microsoft CA to issue me a client cert? ... option for client certificate. ... There is a user certificate, ... I'm not an FSP expert by any means, but I might be able to help here. ...
    (microsoft.public.windows.server.active_directory)
  • Re: SSL client certificate authentication
    ... The list is populated by IE based on the list of root CA certs that the IIS ... > 2> When I install the microsoft certificate services, ... > client certificate is installed in the client machine and gets stored ... > * In the Anonymous access and authentication control section, ...
    (microsoft.public.win2000.security)
  • SSL client certificate authentication
    ... I tried out doing the SSL client certificate authentication in the ... 2> When I install the microsoft certificate services, ...
    (microsoft.public.win2000.security)
  • Certificate Trust List
    ... EventID 36885 is registered when a user presents a client certificate. ... Patch the server from Windows Update including refreshing trusted root ... Install a client certificate issued by the CA from step 4 to IE6. ... On the server the following event is recorded in the System Log: ...
    (microsoft.public.inetserver.iis.security)