?
Solved

IIS Certificate Mapping

Posted on 2008-10-25
1
Medium Priority
?
484 Views
Last Modified: 2012-05-05
I would like to understand how certificate mapping works for a website I am currently trying to secure. The website has it's own server certificate from a CA(godaddy). and is currently only acessible via SSL. I would only like one client to have access to the website. Do I need to send them my public SSL certificate and map that to a user account that only has access to the specific folders for the website?

If I do that, then couldn't anyone with my public SSL gain access to the website?

Does the client need to get it's own certificate? If so where and how do you get client certificates. If they get a certificate, do they send me there public SSL certificate and I map that to the user account? What if someone were able to get there client certificate couldn't they gain access as well?

My end goal is to only allow one client computer access to an SSL website I host on the internet as securly as possible.

Thanks in advance.
0
Comment
Question by:jmelcher
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 31

Accepted Solution

by:
Paranormastic earned 2000 total points
ID: 22812877
The user should get a cert with the Client Authentication EKU (extended key usage).  You would configure trust on your server - here is a decent article on how to set this up:
http://www.windowsecurity.com/articles/Client-Certificate-Authentication-IIS6.html
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

First of all, clustering IIS is something you should rarely consider doing. In almost all cases, Microsoft Network Load Balancing (NLB) (http://technet.microsoft.com/en-us/library/cc758834(WS.10).aspx) is a much better solution when you need to p…
Running classic asp applications under Windows Server 2008 R2 (x64) and IIS 7 is not as easy as one may think. It took me a while to figure it out while getting error 8002801d a few times. After you install the OS you will need to install the fol…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question