View Complete Thread
  • Re: Certificate Trust List on IIS 8.5

    Feb 24, 2016 03:30 PM|blake.duffey|LINK

    So that section seems to detail the differences between the old versions of Windows and 2012 and up.  

    I remain confused about how to implement.

    The article says If there is a specific credential store configured for the site, it will be used as the source.

    That's what I want (to setup a store per IIS site)

    I'm assuming I have to run

    netsh http add sslcert ipport=0.0.0.0:443 certhash=GUID hash value appid={GUID application identifier}  sslctlstorename=ClientAuthIssuer

     on my IIS server, as it says HTTP.sys is not configured by default to use the Client Authentication Issuers Store.  When I issue that command I get the helpful error 'The parameter is incorrect'.

    (although I wonder if I am reading that too literally)

    Any further insight is appreciated.