Client Certificate Mapping Authentication Role Service in IIS 7 and IIS 7.5 enables authentication between a Client and the Web Server by presenting client certificates over secure channel. In IIS 7 and IIS 7.5, Client Certificate Mapping Authentication uses Active Directory to map client certificates against a users account in a domain.
NOTE: Client Certificate Mapping in FTP 7.5 is Active Directory One-to-One Mappings only.
Here is Part 1 of a 4 Part series on implementing Client Certificate mapping in FTP 7.5.
Here is some background of the environment I will be using to configure the scenario:
Domain Controller
Name: Server1
OS: Windows Server 2008 R2
DC: contoso.com
CA: contoso-Issuing-CA01
Roles enabled:
Image may be NSFW.
Clik here to view.
Active Directory Certificate Services has following Role Services installed:
Image may be NSFW.
Clik here to view.
Active Directory Domain Services has following Role Services installed:
Image may be NSFW.
Clik here to view.
IIS Role Services installed on DC:
Image may be NSFW.
Clik here to view.
IIS Server
Name: Server2
OS: Windows Server 2008 R2
Roles enabled:
Image may be NSFW.
Clik here to view.
Following IIS Role Services installed:
Image may be NSFW.
Clik here to view.
Client
Name: 620-WIN7
OS: Windows 7 Enterprise Edition
AlexFTPS-1.0.2 from http://ftps.codeplex.com/
QUICK NOTE: In Windows Server 2008, you will need to install the Out Of Band FTP 7.5 from http://www.iis.net/expand/FTP to use the Client Certificate feature.
Next, we will Request and Install Server Certificate on IIS. Stay tuned…
Hope this helps,
Vivek Kumbhar
Quote of the day:
This is one of those views which are so absolutely absurd that only very learned men could possibly adopt them. - Bertrand Russell