Solved

IIS Certificate Mapping

Posted on 2008-10-25
1
480 Views
Last Modified: 2012-05-05
I would like to understand how certificate mapping works for a website I am currently trying to secure. The website has it's own server certificate from a CA(godaddy). and is currently only acessible via SSL. I would only like one client to have access to the website. Do I need to send them my public SSL certificate and map that to a user account that only has access to the specific folders for the website?

If I do that, then couldn't anyone with my public SSL gain access to the website?

Does the client need to get it's own certificate? If so where and how do you get client certificates. If they get a certificate, do they send me there public SSL certificate and I map that to the user account? What if someone were able to get there client certificate couldn't they gain access as well?

My end goal is to only allow one client computer access to an SSL website I host on the internet as securly as possible.

Thanks in advance.
0
Comment
Question by:jmelcher
1 Comment
 
LVL 31

Accepted Solution

by:
Paranormastic earned 500 total points
ID: 22812877
The user should get a cert with the Client Authentication EKU (extended key usage).  You would configure trust on your server - here is a decent article on how to set this up:
http://www.windowsecurity.com/articles/Client-Certificate-Authentication-IIS6.html
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Sweet32 Vulnerability in Microsoft IIS7.5 6 944
IIS Windows Server FTP 5 30
php exec doesnt works on iis 4 17
Add a loading gif while php runs server side 15 29
Debug Tools to analyse IIS process: This article focus on taking memory dumps from IIS to determine which code is taking more time and to analyse which calls hangs/causes more CPU usage. To take dumps,download the following. Install1: To st…
Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question