• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

SSL client authentication

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> Web Publishing >> SSL client authentication Page: [1]
Login
Message << Older Topic   Newer Topic >>
SSL client authentication - 17.Feb.2005 8:59:00 PM   
Puck

 

Posts: 25
Joined: 22.Jan.2003
From: Columbus, OH
Status: offline
I have a setup such as this

client --HTTPS-->ISA--HTTP-->WEB

I am using certificates for authentication from the client to the listener. The issue I am having is that once I authenticate to the listener and receive a login prompt for my website I can use ANY login that has permissions. I want to limit the login to the same ID that is mapped to the certificate WITHOUT effecting users internally. I have tried to assign only the specific user to the publishing rule but this seems to only effect the certificate authentication and not the web site login. Is what I am trying to do possible?

[ February 17, 2005, 09:00 PM: Message edited by: Puck ]
Post #: 1
RE: SSL client authentication - 18.Feb.2005 4:14:00 AM   
jzeman

 

Posts: 15
Joined: 29.Jan.2005
From: San Antonio, TX
Status: offline
Perhaps you can limit it at the web site itself? I think you can map the certificate to the user on the directory security tab of the website properties. My problem is almost the opposite.

client--https-->ISA--https-->WebSite

I'm able to limit internal connections but unable to get the client to authenticate to the listener?

(in reply to Puck)
Post #: 2
RE: SSL client authentication - 18.Feb.2005 4:16:00 AM   
jzeman

 

Posts: 15
Joined: 29.Jan.2005
From: San Antonio, TX
Status: offline
Which certificate do you use for your external client? Exported from website?

(in reply to Puck)
Post #: 3
RE: SSL client authentication - 18.Feb.2005 2:33:00 PM   
Puck

 

Posts: 25
Joined: 22.Jan.2003
From: Columbus, OH
Status: offline
I cant use 'require certificate' on the website as not all internal users have one assigned. I am using a user cert issued from an internal enterprise CA.

(in reply to Puck)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> Web Publishing >> SSL client authentication Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts