Client Certificate Support

L

localhost

I have an IIS6 site that does not have an SSL certificate installed.
I do not want to install a server SSL cert on the site.

I want to protect certain .aspx pages based on the availibility of the
web browser client certificate. I want to do something like this:

HttpClientCertificate clientCert = Request.ClientCertificate;
if ( clientCert.IsValid == true )
{
if ( clientCert.PublicKey == bytesIexpectToGet )
{
// Allow access to the page
}
}

But
(1) does that work with IE on Windows, IE on Mac, Netscape on Windows,
Opera on Windows, Safari on Mac?
(2) can I do the above without needing SSL certificates or any
non-default IIS Admin settings on the web server?

This is for an ISP hosted environment where I have no control over any
IIS settings.

Thanks.
 
S

Steven Cheng[MSFT]

Hi Localhost,

Thanks for posting in the community!
From your description, you'd like to manually obtain the client
certificates in your ASP.NET code without setting the certification
requirment on the IIS server, yes?
If there is anything I misunderstood, please feel free to let me know.

Based on my research, the client side certificate will be sent to the
requested site only if the site has configured to request the certain
certificate. Otherwise, no certificate will be sent. Here is the detailed
related document in MSDN:

#Request.ClientCertificate Collection
http://msdn.microsoft.com/library/en-us/iissdk/iis/ref_vbom_reqoccc.asp?fram
e=true

And here are some other references on Certificate Services

#Certificate Services
http://msdn.microsoft.com/library/en-us/security/security/certificate_servic
es.asp?frame=true

#Publishing Web Sites using Client Certificate Authentication
http://www.isaserver.org/tutorials/Publishing_Web_Sites_using_Client_Certifi
cate_Authentication.html

Please check out the preceding items. If you have any further questions,
please feel free to post here.



Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Get Preview at ASP.NET whidbey
http://msdn.microsoft.com/asp.net/whidbey/default.aspx
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

X.509 Certificate based authentication 8
SSL Client Certificate error on Mac OS X 10.6.4 4
Client Certificate User Mapped Account 1
403: Forbidden when sending client certificate to remove web servi 1
SOAP access denied when IIS set to required client certificate 1
Client Certificate Validation 4
HttpWebRequest with certificate 0
Extract client certificate info... 2

Members online

No members online now.
Total: 87 (members: 1, guests: 86)
Robots: 456

Forum statistics

Threads
473,995
Messages
2,570,230
Members
46,819
Latest member
masterdaster

Latest Threads

Top