Why can't I see all of the client certificates available when I visit my web site locally on Windows 7 IIS 7?

Posted by Jay on Server Fault See other posts from Server Fault or by Jay
Published on 2013-09-18T16:40:31Z Indexed on 2013/11/08 15:59 UTC
Read the original article Hit count: 277

My team has recently moved to Windows 7 for our developer machines. We are attempting to configure IIS for application testing. Our application requires SSL and client certificates in order to authenticate.

What I've done:

  • I have configured IIS to require SSL and require (and tried accept) certificates under SSL Settings.
  • I have created the https binding and set it to the proper server certificate.
  • I've installed all the root and intermediate chain certificates for the soft certificates properly in current user and local machine stores.

The problem

When I browse to the web site, the SSL connection is established and I am prompted to choose a certificate. The issue is that the certificate is one that is created by my company that would be invalid for use in the application. I am not given the soft certificates that I have installed using MMC and IE.

We are able to utilize the soft certs from our development machines to our Windows 2008 servers that host the application.

What I did:

  • I have attempted to copy the Root CA to every folder location for the Current User and Location Machine account stores that the company certificate's root is in.

My questions:

  • Could I be mishandling the certs anywhere else?
  • Could there be a local/group policy that could be blocking the other certs from use?
  • What (if anything) should have to be done differently on Windows 7 from 2008 in regards to IIS?

Thanks for your help.

© Server Fault or respective owner

Related posts about windows-7

Related posts about iis7