Welcome to ISAserver.org

Client Certs w/o AD?

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2000 General] >> Installation >> Client Certs w/o AD?

Page: [1]

Message

<< Older Topic Newer Topic >>

Client Certs w/o AD? - 10.Apr.2001 9:37:00 AM

kkiyohara

Posts: 1
Joined: 10.Apr.2001
From: Santa Monica, CA, USA
Status: offline

I'm trying to configure ISA Standard Edition to use client certificates for authentication. I can get ISA to ask my web browser for a certificate, but I can't figure out how to properly install a copy of the client certificate on the stand-alone ISA server itself. I have seen the certificate installation documentation for IIS, but ISA doesn't appear to have the same capabilities/options. I have also seen a code snippet in the SDK which indicates a way to associate client certs with a web publishing rule. Any help would be appreciated...

TIA -- Keith.

Post #: 1

Featured Links*

RE: Client Certs w/o AD? - 10.Apr.2001 11:45:00 AM

tshinder

Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Keith,

In order to use client certificates, you have to have a Public Key Infrastructure in place. And that's a pretty weighty subject. The certificate server still boggles my mind, but there are some things you can do to test it out.

Install an AD domain controller, and then have a machine join the domain. Use a laptop because its more fun that way. Then create a publishing rule and require SSL for the site. Then configure the external interface to ask for a client certificate.

I took some screen shots today of what you should see, and I'll put together an article in the near future to walk through the process.

HTH,
Tom

------------------
Tom Shinder
http://www.isaserver.org/shinder/