Menu
We have an application deployed to IIS and every time we connect to it, we get the following browser prompt:
Select a certificate to authenticate yourself to sitename
We do not have a reason to challenge for a client certificate and seems like this setting was introduced by mistake
How can we remove it?
Research:
This question on How can I prevent browsers from prompting Users for a Client Certificate? looks similar, but doesn't have an answer yet, and also is about setting this up on kestrel-http-server
This question on Browser is not prompting for a client certificate is for how to make sure there is a prompt, and didn't provide enough hints as to how to prevent one
670
To disable client certificate authentication in a development environment: Remove the validateCertificateThumbprint setting from the <xp-service-role>\App_Config\AppSettings. config file. Repeat for all XP service.
Client Certificate Mapping authentication using Active Directory - this method of authentication requires that the IIS 7 server and the client computer are members of an Active Directory domain, and user accounts are stored in Active Directory.
Open IIS and navigate to your web site or application and go to the SSL settings
Set the Client Certificate setting to "Ignore"
Both 'Accept' and 'Require' will both challenge for a client side cert
Recycle your app pool and re-launch your browser to test
Note: SSL settings are inherited from your Site > Application, so you may need to apply these SSL Settings at multiple levels
Further Reading:
166
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
