|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
SSL client-side certificateHello,
i explored this article: http://support.microsoft.com/kb/315588 My questions are about client-side certificate for using in SSL tunnel 1. can it be self-signed root certificate? 2. if no client certificate is used, how SSL handshake happens? what certificate/private key is used on the client side? 3. how IIS detects, is certificate, used by client, acceptable or not? -- Serge On Feb 5, 6:06 am, Serge <m***@km.ru> wrote:
> Hello, 1) Yes, but you'll have to import the cert on the server.> > i explored this article:http://support.microsoft.com/kb/315588 > > My questions are about client-side certificate for using in SSL tunnel > > 1. can it be self-signed root certificate? > 2. if no client certificate is used, how SSL handshake happens? what > certificate/private key is used on the client side? > 3. how IIS detects, is certificate, used by client, acceptable or not? > > -- > Serge 2) In normal SSL the client doesn't use anything besides the public key of the server. Basic SSL is server auth only and only uses the Server certificate. 3) Because the certificate chain is trusted. See this article http://support.microsoft.com/kb/332077 HTH, Dave 
Other interesting topics
Unable to upload files over 1MB
SSL vs Windows Integrated Security dynamic client authentication Managing IP restrictions in IIS 6.0 - nightmare! IIS authentication (kerberos and Integrated security) One Virtual Directory, Many SSL Certificates? Re: Authentication prompts with wrong domain https and Local System account IIS 7.0 Full install on Vista Ult. 64-bit SP1 Virtual Server acces URLScan for RPC over HTTP |
|||||||||||||||||||||||
