• Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Better Client Certificate Support

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 Misc.] >> ISA Server Wish List >> Better Client Certificate Support Page: [1]
Message << Older Topic   Newer Topic >>
Better Client Certificate Support - 4.Feb.2004 2:54:00 PM   
Unless, I am mistaken...
Currently, in B2B DMZ scenario, in order to authenticate users via client certificates you need to have:

1. External ISA server AD integrated where you setup user/client certificate mapping.
2. For every user allowed to accesss the site, you need to set up a new web publishing rule as when using bridging you could, only, login using one certificate.

Perhaps, web proxy service could be modified to allow for user/client certificate mapping. This way you won't need to install AD on external ISA server.

It seems that when using bridging, you should have the option to pass those private keys that external client originally sent to the external ISA server and not just funnel everyone via the same username.


  Post #: 1
RE: Better Client Certificate Support - 7.Jun.2004 12:29:00 AM   


Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Roman,

That would be a nice feature. To issue client certificates from a certificate server that can map to the local SAM database?


(in reply to Guest)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 Misc.] >> ISA Server Wish List >> Better Client Certificate Support Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts