I am trying to setup client certificate one to one mapping for my website on a windows 2003 SP2 server running IIS 6.0 (All patched up).
Here is my issue: My setup allows any client certificate and will not respect the client mappings (1 to 1 or many to 1).
IIS 6.0 setup (Everything is working fine, but the enforcement of the custom mappings)
1) Integrated authentication
2) Required Client certificates
3) Added a one to one mapping to a domain user account
4) Verified that the "WEB Sites/directory security" property "Enable the Windows directory Service Mapper" Is not set.
5) Web site has a working certificate
6) I use windows CA internally to issue/request certificates
7) Verified the metabase settings AccessSSLMapCert = 488
8) Restart IIS & Tried rebooting server & closed IE 7.0 brower/flushed caches
What is the secret?