I would like to add a client authentication via X509 certificates so I set my server IIS with SSL and Client Certificate required. (as said here : Client Authentication via X509 Certificates in asp.net)
But once the client selects the certificat, the server answers always an HTTP 403.
Therefore in order to customize the validation of the client certificate I added in the global.asax:
protected void Application_Start()
{
.......
ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(ValidateServerCertificate);
private static bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
//... checking
return true;
}
}
But apparently my function is never called and the server response is still 403 permission denied (certificate judged unsafe).
Do you have any suggestions?
