Client Digital Certificate issue

Discussion in 'Security Software' started by pernix, May 4, 2005.

  1. pernix

    pernix Guest

    I am experimenting an odd IIS/Internet Explorer behaviour. Please let me
    know if you think it is just right. I want users to authenticate using their
    Client Digital Certificate as well as their Username/Password in case they
    don't have a Client Digital Certificate yet.
    Consequently I:
    1) Checked the "Active Directory Mapping" on the Web Server root
    2) Installed a Web Server Digital Certificate on the website
    3) Set security to use Basic Authentication
    4) Set mandatory SSL 128bit
    5) Checked the "Accept Digital Certificate" Option and the "Client Digital
    Certificate Mapping" option
    6) In Active Directory I mapped a Client Digital Certificate to a specific

    The result should allow users without a Client Digital Certificate to be
    prompted for credentials and users provided with a Client Digital
    Certificate to be automatically authenticated.
    I have to say that the result is almost this apart a little annoying detail:
    even if the user has no client digital certificates installed at all, every
    first time he tries to reach a website resource he is prompted by IE6 to
    select a valid client digital certificate from an empty list. If the users
    clicks on Cancel or Ok than he's asked to submit Username and Password.
    My questions are:
    1) Does it make sense for IE6 to prompt the user to select a client digital
    certificate when there are no client digital certificates at all installed??
    2) I am pretty sure that IE6 did not behave this way one year ago. Can it be
    a something introduced by XP's SP2 ?

    pernix, May 4, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.