Why can't I see all of the client certificates available when I visit my web site locally on Windows 7 IIS 7?
Posted
by
Jay
on Server Fault
See other posts from Server Fault
or by Jay
Published on 2013-09-18T16:40:31Z
Indexed on
2013/11/08
15:59 UTC
Read the original article
Hit count: 277
My team has recently moved to Windows 7 for our developer machines. We are attempting to configure IIS for application testing. Our application requires SSL and client certificates in order to authenticate.
What I've done:
- I have configured IIS to require SSL and require (and tried accept) certificates under SSL Settings.
- I have created the https binding and set it to the proper server certificate.
- I've installed all the root and intermediate chain certificates for the soft certificates properly in current user and local machine stores.
The problem
When I browse to the web site, the SSL connection is established and I am prompted to choose a certificate. The issue is that the certificate is one that is created by my company that would be invalid for use in the application. I am not given the soft certificates that I have installed using MMC and IE.
We are able to utilize the soft certs from our development machines to our Windows 2008 servers that host the application.
What I did:
- I have attempted to copy the Root CA to every folder location for the Current User and Location Machine account stores that the company certificate's root is in.
My questions:
- Could I be mishandling the certs anywhere else?
- Could there be a local/group policy that could be blocking the other certs from use?
- What (if anything) should have to be done differently on Windows 7 from 2008 in regards to IIS?
Thanks for your help.
© Server Fault or respective owner