Solved

IIS Certificate Mapping

Posted on 2008-10-25
1
479 Views
Last Modified: 2012-05-05
I would like to understand how certificate mapping works for a website I am currently trying to secure. The website has it's own server certificate from a CA(godaddy). and is currently only acessible via SSL. I would only like one client to have access to the website. Do I need to send them my public SSL certificate and map that to a user account that only has access to the specific folders for the website?

If I do that, then couldn't anyone with my public SSL gain access to the website?

Does the client need to get it's own certificate? If so where and how do you get client certificates. If they get a certificate, do they send me there public SSL certificate and I map that to the user account? What if someone were able to get there client certificate couldn't they gain access as well?

My end goal is to only allow one client computer access to an SSL website I host on the internet as securly as possible.

Thanks in advance.
0
Comment
Question by:jmelcher
1 Comment
 
LVL 31

Accepted Solution

by:
Paranormastic earned 500 total points
ID: 22812877
The user should get a cert with the Client Authentication EKU (extended key usage).  You would configure trust on your server - here is a decent article on how to set this up:
http://www.windowsecurity.com/articles/Client-Certificate-Authentication-IIS6.html
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

First of all, clustering IIS is something you should rarely consider doing. In almost all cases, Microsoft Network Load Balancing (NLB) (http://technet.microsoft.com/en-us/library/cc758834(WS.10).aspx) is a much better solution when you need to p…
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question