| Stan Reckard 2004-10-22, 5:53 pm |
| I am using Windows 2000 (not Server) as my development machine. I want to
use ASP.NET to communicate with a C++/gSOAP 2.7 server via SSL that requires
client certificates. I run both client and server on my development box.
How can I enable the "Server Certificate..." button on the "Directory
Security" tab in IIS?
I found an article in MSDN entitled "Enabling Client Certificates" that
states "Your Web server cannot process client certificates unless you have
previously installed a server certificate and enabled your server's secure
communication features". But the "Server Certificate..." button is disabled
in IIS!
I can successfully communicate using openssl s_client and our server
application using client and server certificates. When I try to use our
ASP.NET client to communicate with our server app, I get an error. The event
log states
"The remote server has requested SSL client authentication, but no suitable
client certificate could be found. An anonymous connection will be attempted.
This SSL connection request may succeed or fail, depending on the server's
policy settings. "
I have code in our .ASPX Load_Page() that uses CreateFromCertFile() to load
the client certificate (Base 64 x509 DER format) and then adds the
certificate to ClientCertificates collection object of the proxy object.
However, from a tcpTrace I can see that the client certificate is not being
sent to the server.
This led me to wonder if I need to configure IIS to enable client
certificates.
BTW, I installed the CA root certificate using mmc.exe
Any help would be greatly appreciated.
Stan
|