« Previous Next »

• 07-09-2009, 1:08 AM

  nine_balls Joined on 07-09-2009, 1:02 AM Posts 2

  Mutual Authentication over HTTP in IIS 6 ! Reply Contact Hi all,  i'm wondering if there is a possible solution for thw below scenario.  our web server is behind a content switch which handle all SSL stuff with client browsers & off-load all the ssl requests before it reach the web server, so all request reach web server in http. we have a mutual authentication requirment with one of our clients which require a client certificate authentication from our web site.  since there is no SSL certificate installed on our web server, how can i enable the "Require Client certificate" option without enabling "Require SSL " option in IIS security tab ??

  Tags: SSLiis 6mutual authentication

• 07-09-2009, 3:22 AM

  In reply to

  Paul Lynch Joined on 05-24-2006, 5:41 AM UK Posts 1,247	Re: Mutual Authentication over HTTP in IIS 6 ! Reply Contact Hi, You can configure IIS 6.0 to accept client certificates wihtout requiring SSL on the web site but you can't configure it to require a client certificate without enabling SSL on the web site. Regards, Paul Lynch | www.iisadmin.co.uk

• 07-09-2009, 5:57 AM

  In reply to

  nine_balls Joined on 07-09-2009, 1:02 AM Posts 2

  Re: Mutual Authentication over HTTP in IIS 6 ! Reply Contact thanks Paul for your response. actually i know that the option "Require Client CErtificate" will be disabled in UI if you didn't enable SSL, is there any Metedata hack for that ?? or conceptually not applicable ? Thanks  Paul Lynch: Hi, You can configure IIS 6.0 to accept client certificates wihtout requiring SSL on the web site but you can't configure it to require a client certificate without enabling SSL on the web site. Regards,