Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

What is the difference between requiring an SSL cert and accepting an SSL cert?

Tags:

So I know the fundamental difference between requiring an SSL cert and accepting, one means you must have an SSL certificate and the other means you don't need one.

In my IIS Manager for a certain webpage I have the this setup: enter image description here

The issue that I am having is that when I set Require SSL Cert and have Client certificates set to accept/ignore I can only get to webpage using HTTPS. Now if I change it to Require, I can no longer access the webpage, even with HTTPS... so I am just trying to figure out what the difference is, and how it effects the webpage.

So maybe my question is phrased wrong... I'm not sure, my understanding on the subject is fairly limited, so any help would be appreciated.

Thanks!

like image 661
Adjit Avatar asked Oct 15 '13 14:10

Adjit

People also ask

What does it mean to require SSL?

SSL stands for Secure Sockets Layer, a security protocol that creates an encrypted link between a web server and a web browser. Companies and organizations need to add SSL certificates to their websites to secure online transactions and keep customer information private and secure.

What does SSL accept all certificates mean?

Yes, it means that it will accept all (as in, regardless of issuer) SSL certificates, even if they are from an untrusted Certificate Authority. You could use this if you didn't care who your messages were going to but wanted them secure.

What is SSL certificate and why it is required?

An SSL certificate is a bit of code on your web server that provides security for online communications. When a web browser contacts your secured website, the SSL certificate enables an encrypted connection. It's kind of like sealing a letter in an envelope before sending it through the mail.

What is required for SSL certificate?

What do I need to have before buying an SSL certificate? A unique IP address. Because of the way that the SSL protocol was set up, you will need a separate IP address for each certificate that you want to use. If you don't, some older devices and browsers won't be able to use your site.

1 Answers

Client-certificate authentication can be optional or mandatory, or not used at all.

  • Ignore is when it's not used at all.
  • Accept will take a certificate if it's presented, but will also continue with connections where the client doesn't present one.
  • Require only continues with connections that have a client certificate.

Client-certificate authentication is something that can only be initiated by the server in SSL/TLS, so this terminology isn't quite correct, but that's what's used in IIS.

like image 71
Bruno Avatar answered Oct 20 '22 14:10

Bruno
Sign in to Comment

Related questions

Is there a way to find out where a css rule is coming from?
Excel data validation with suggestions/autocomplete
Visual Studio Team Services: How to migrate from Agile to Scrum process template
What does normal(+) status in svn denotes?
How to Improve Query Performance with many JOINs
Resizing numpy.memmap arrays
Is Android NSD (Network Service Discovery) compatible with Bonjour service in iOS?
What happened to java.util.stream.Streamable?
Is a /start/,/end/ range expression ever useful in awk?
Generating Android build with Gitlab CI
How to read a struct from a file in Rust?
Embeddable JavaScript widget with React

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!