IIS Certificate Mapping
Posted on 2008-10-25
I would like to understand how certificate mapping works for a website I am currently trying to secure. The website has it's own server certificate from a CA(godaddy). and is currently only acessible via SSL. I would only like one client to have access to the website. Do I need to send them my public SSL certificate and map that to a user account that only has access to the specific folders for the website?
If I do that, then couldn't anyone with my public SSL gain access to the website?
Does the client need to get it's own certificate? If so where and how do you get client certificates. If they get a certificate, do they send me there public SSL certificate and I map that to the user account? What if someone were able to get there client certificate couldn't they gain access as well?
My end goal is to only allow one client computer access to an SSL website I host on the internet as securly as possible.
Thanks in advance.