|
| Hi Brian,
Well, if you figure it out please tell me, too. I am having
the same problem. Check out my question "Cannot establish
certificate chain for client authentication" posted here a
few days back.
The only way to get it to work for me right now (ie, client
gets a non-blank list) is to have the RootCA signs the
client cert.
SSL-er
>-----Original Message-----
>We are trying to migrate our Certificate Services from a
>third party to in house. I have created the following
>hierarchy:
>
>RootCA
> |
>SubCA
> |
>Website with issued
>certificate from SubCA
>
>
>Now I think everything is setup correctly, I have the Root
>Certificate installed on the server and the Root
>Certificate is part of the IIS CTL list (this is IIS 5.0
>on Windows 2000). Problem is that when the client
>retrieves a Certificate from the SubCA then attempts to
>navigate to the Website requiring client certificates,
>they get a Blank List of Certificates to choose from.
>
>Has anyone encountered this and know how to fix it? Any
>suggestions welcome, thanks in advance.
>
>-Brian
>.
>
|
|