Last post Jan 23, 2013 12:52 AM by Haixia Xie - MSFT
Jan 18, 2013 08:55 AM|Alex_808|LINK
I have a webservice working with ssl I have an authorized certificate on the server and everything works good. I wan't the ssl connection to "Require client side certificate". Do I need to take the same certificate that I installed on the server and install
on the client? I did some test took the same certificate and installed it on the clien in in local computer -> personal -> certificates but still get "HTTP Error 403.7 - Forbidden: SSL client certificate is required." when trying to access the webservice.
I know installing the same certificate on both the server and the client seems completly wrong but after doing research am still not sure what the next step is...
Help is much appreciated..
Jan 21, 2013 04:35 AM|Haixia Xie - MSFT|LINK
For this issue, I'd suggest you take a look at a blog below that demonstrate how do a mutual SSl authenticatiojn.
#An Introduction to Mutual SSL Authentication
Jan 21, 2013 09:41 AM|Alex_808|LINK
Yes I have read that article a couple days ago. The first step and my first question regards the client certificate see the server has a certificate that is verified and everything is fine for that end but what is the common practice for the client certificate..
I doubt I have to request a certificate from a 3rd party and what not what is the usal common practice should it be a self signed generated certificate? Once I have a client certificate I can then go ahead and start implementing that article..
Jan 23, 2013 12:52 AM|Haixia Xie - MSFT|LINK
>> I did some test took the same certificate and installed it on the clien in in local computer -> personal -> certificates but still get "HTTP Error 403.7 - Forbidden: SSL client certificate is required."
Try change the validation mode for the client.
You can use X.509 Certificate Tool
to create a certificate. Since it use ChainTrust mode by default, you need specify a different validation mode with ServiceCredentials.