It is said here: http://blogs.iis.net/webtopics/archive/2010/04/27/configuring-many-to-one-client-certificate-mappings-for-iis-7-7-5.aspx
Many-to-one client certificate mapping is used by Internet Information Services (IIS) to associate an end user with a Windows account when the client certificate is used for user authentication.
What if I don't want to map to a Windows account but to an account in a custom database or in membership?
How can I do it in ASP.NET (sample code somewhere?)
Hmm, nobody knows? Will have to give a bounty soon :)
In Control Panel, click Programs and Features, and then click Turn Windows features on or off. Expand Internet Information Services, expand World Wide Web Services, expand Security, and then select IIS Client Certificate Mapping Authentication. Click OK. Click Close.
On the taskbar, click Start, and then click Control Panel. In Control Panel, click Programs and Features, and then click Turn Windows Features on or off. Expand Internet Information Services, then select Client Certificate Mapping Authentication, and then click OK.
Go to Default Web Site → SSL Settings. Enable Require SSL, choose Require for Client certificate, and then click Apply to save the settings.
The US DOD uses this for CAC. Essentially, you just store some part of the certificate (say the SUBJECT) and then compare against this for authentication.
In ASP.NET, you access the client cert thusly:
Request.ClientCertificate.Subject
Many certificate subjects will have a unique ID within, and so the certificate ID is used to cover for changes in the individual's name.
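The approach described in the answer above, mapped to a custom account store instead of a Windows account, as an added example that is not part of the original posts. CertificateUserStore, its sample row and the "jdoe" account are constructed placeholders; the stored strings must match exactly what IIS reports in Request.ClientCertificate for your certificates.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Principal;
using System.Web;

// Hypothetical stand-in for a custom user table keyed on issuer + subject.
public static class CertificateUserStore
{
    // Constructed sample row; a real application would query its own database.
    private static readonly Dictionary<string, string> Users =
        new Dictionary<string, string>(StringComparer.Ordinal)
        {
            { "CN=Example Issuing CA, O=Example|CN=DOE.JANE.1234567890, O=Example", "jdoe" }
        };

    public static string FindUser(string issuer, string subject)
    {
        string name;
        return Users.TryGetValue(issuer + "|" + subject, out name) ? name : null;
    }
}

// Global.asax code-behind: runs for every request before authorization.
public class Global : HttpApplication
{
    protected void Application_AuthenticateRequest(object sender, EventArgs e)
    {
        HttpClientCertificate cert = Request.ClientCertificate;

        // No certificate sent, or IIS reports it as invalid: stay anonymous.
        if (!cert.IsPresent || !cert.IsValid) return;

        // Match on issuer as well as subject, so the same subject string
        // issued by a different CA does not resolve to this account.
        string userName = CertificateUserStore.FindUser(cert.Issuer, cert.Subject);
        if (userName == null) return;

        // Attach the application-level identity; no Windows account is involved.
        Context.User = new GenericPrincipal(
            new GenericIdentity(userName, "ClientCertificate"), new string[0]);
    }
}
```

With Require SSL and Require client certificates set as in the steps above, IIS performs the TLS handshake and chain validation, and this code only decides which application account the presented certificate belongs to.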