9

I am trying to configure a simple web site to require client certificates on IISExpress.

My configuration is according to this archived jasonrshaver.com post.

<site name="XXXX" id="3">
 <application path="/" applicationPool="Clr4IntegratedAppPool">
  <virtualDirectory path="/" physicalPath="XXXX" />
 </application>
 <bindings>
  <binding protocol="http" bindingInformation="*:65360:localhost" />
  <binding protocol="https" bindingInformation="*:44300:localhost" />
 </bindings>
</site>
...
<access sslFlags="Ssl, SslNegotiateCert" />
...
<iisClientCertificateMappingAuthentication enabled="true">
</iisClientCertificateMappingAuthentication>

It is a simple MVC4 Web App that outputs the ClientCertificate data.

The problem is that when I browse to https I am not prompted for a certificate in browser. I do have 4 certificates that can be used; they are configured in Chrome

Any help appreciated. Thank you.

John MacIntyre
  • 12,910
  • 13
  • 67
  • 106
Andrei Gavrila
  • 853
  • 9
  • 19

1 Answers1

4

There was a certificate problem, not a IISExpress configuration problem.

I had no certificates that could be used for client authentication. After installing a certificate with Intended Purposes everything worked fine.

So the above configuration works just fine.

Andrei Gavrila
  • 853
  • 9
  • 19
  • What was wrong with the certificate, I'm having a similar issue – Chazt3n Mar 03 '16 at 18:29
  • I have similar problem. CA is installed on separate virtual machine, it is accessible, CA root cert is installed in Trusted CA list on dev machine and still, when I make a call to web api 2 RESTapi service, Request.GetClientCertificate() returns null. Any ideas what caould be wrong? – Ivan Pavlović May 11 '16 at 07:57
  • if i remember correctly the problem i was not using a client certificate: https://blogs.msdn.microsoft.com/kaushal/2012/02/17/client-certificates-vs-server-certificates/ – Andrei Gavrila Jul 21 '16 at 08:42