garyritu Posted March 30, 2011 Posted March 30, 2011 I am very new to IIS please help. I am using Windows 2008 server with IIS 6.0 (thats what "about IIS" says in help however when I open the http://localhost it shows the page IIS7 ) I am trying to create a client authenticated SSL session. These are the below steps that I have done till now. 1. Install IIS server on Windows 2008 with ClientCertificate Mapping option checked. 2. Install Active directory on the server. Domain controller. 3. Install Microsoft CA on the server. 4. After installing the above components I created a certificate request for SSL connection by going into IIS manager>> Server certificates>> Create new certificate request. 5. I submitted this request to the installed CA and got the (web server) certificate. 6. Installed this certificate using IIS manager>> Server certificates>> complete certificate request. 7. Bind this certificate with the server IP address. 8. Go to the website>> SSL>> check "require SSL connection". 9. Now if I do https://localhost, it works. https://localhost/certsrv for Microsoft CA also works. 10. Go to Active Directory and create a user. 11. Logon to this domain using a Windows XP machine and request and Client certificate from the Microsoft CA. 12. Now this is where I am stuck, this certificate should be mapped to this user in IIS so that it could perform a client authenticated SSL connection. I am not able to find a screen or way to do it. It was easy in IIS 5 where this was at the same screen with "Require SSL connection". Could you please let me know how to achieve this? Quote
ICTCity Posted March 30, 2011 Posted March 30, 2011 I think you are looking for this: http://technet.microsoft.com/en-us/library/cc736781(WS.10).aspx let me know. Quote -------------------------------------------------------- Tu peux aussi crire en franais. Du kannst auch auf Deutsch schreiben. Puoi scrivere anche in italiano. --------------------------------------------------------
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.