RE: Need a HOW TO create a client certificate for partner access

From: dave nixon (david.nixon_at_danix-consulting.com)
Date: 08/18/05

  • Next message: Roger Abell: "Re: Need limited domain admin rights user account." 
    Date: Wed, 17 Aug 2005 15:32:04 -0700

    its all in here!

    http://www.microsoft.com/technet/prodtechnol/office/sps2003/maintain/enablssl.mspx

    "Serge Ayotte" wrote:

    >
    > Hello to all... If the following is part of a white paper or other
    > 'net resource, please direct me to it... After many trial on Google, I
    > can't seem to hit the right word combination :)
    > Never having touch (for not needing it) certificate/pki, I am a bit
    > lost now...
    >
    > I need to secure a SharePoint Portal Server site that will be access
    > from the "outside" of the network (this SPS is running on a member
    > server of a SBS2K3 domain). I already have SSL and permit only that,
    > but I was asked to look into a "stronger" method of making sure that
    > the people accessing it are allowed.
    > Aside from user/password I immediately thought that a client
    > certificate would be the way to go, but now I am a bit lost in all the
    > information I got from MS and Technet about client certificate.
    >
    > To give a certificate to someone to import on his computer, do I HAVE
    > to have him connect to a Certificate server site for that? Isn't there
    > a way for me to be able to generate the certificate and send it to the
    > "outside partner" I want to give access to the site?
    >
    > If I am correct, I could then associate the certificate to a login
    > account, so in a way having a double security level (i.e.
    > username/password not enough to access, or only the certificate not
    > enough also).
    >
    > Thank you in advance for any and all hints, tips, trick and direction
    > you will provide... Very much appreciated in advance!
    >
    > Serge
    > -------------------------------------
    > Serge Ayotte
    > Systems Administrator
    >

  • Next message: Roger Abell: "Re: Need limited domain admin rights user account."

    Relevant Pages

    • Need a HOW TO create a client certificate for partner access
      ... I need to secure a SharePoint Portal Server site that will be access ... information I got from MS and Technet about client certificate. ... Serge Ayotte ...
      (microsoft.public.windows.server.security)
    • Re: Active Directory Federation Services
      ... How do I get a Microsoft CA to issue me a client cert? ... option for client certificate. ... There is a user certificate, ... I'm not an FSP expert by any means, but I might be able to help here. ...
      (microsoft.public.windows.server.active_directory)
    • Re: SSL client certificate authentication
      ... The list is populated by IE based on the list of root CA certs that the IIS ... > 2> When I install the microsoft certificate services, ... > client certificate is installed in the client machine and gets stored ... > * In the Anonymous access and authentication control section, ...
      (microsoft.public.win2000.security)
    • SSL client certificate authentication
      ... I tried out doing the SSL client certificate authentication in the ... 2> When I install the microsoft certificate services, ...
      (microsoft.public.win2000.security)
    • Certificate Trust List
      ... EventID 36885 is registered when a user presents a client certificate. ... Patch the server from Windows Update including refreshing trusted root ... Install a client certificate issued by the CA from step 4 to IE6. ... On the server the following event is recorded in the System Log: ...
      (microsoft.public.inetserver.iis.security)