Using client certificates: "Require client certificates" is enabled on IIS

 Hey world,


I have an application that works fine using SSL, but when I enable  "Require client certificates" on IIS it prompts the client for a certificate (behavior kind of expected) but I can't figure out how to create a "Client Certificate" so the client can access the application.

I followed step by step this article with no luck:

 (the WinHttpCertCfg.exe –i PfxFile -c LOCAL_MACHINE\MY -p Password  line just wouldn't work)


I created a certificate on my test web server using "SelfSSL" and then I exported it as an .PFX file.

Next I took this file to the client (my machine in this case) and I imported it into "Local Computer --> Personal" using MMC.

But when I try to browse my application on my test web server from the client (my machine) I don't see any certificate listed on the "Choose a digital certificate" Window.

Could somebody help me please? I have spent so much time on it......

Ask and it will be given to you; seek and you will find; knock and the door will be opened to you. Luke 11:9
4/27/2007 10:35:26 PM 9281 articles. 0 followers. Follow

2 Replies

Similar Articles

[PageSpeed] 46

The better place to ask this question is over at the forums on IIS.NET.

Terri Morton
Engagement Manager, Neudesic

How to ask a question

4/28/2007 12:52:56 AM
Ok, I will do it then. Thanks

Ask and it will be given to you; seek and you will find; knock and the door will be opened to you. Luke 11:9
4/30/2007 6:34:58 PM

Similar Artilces:

getting users certificate out of the "my" certificate store on client machine
Hi NG, i have a jscript-file that opens the user-store "my" on the client machine and let the user choose the certificate he wants to use for login. this jscript file uses capicom. now i read about the x509certificate2-class in the .NET-Framework. Is there any way to use this class? my first try was not successfull, i get the error that the session is not active. my aim is to drop jscript and to do almost all on the serverside. i develop in vs 2005 c#  express edition... thanks in advance... florian Hi There is an available article about replacement of CAPICOM c...

["Lee, Walter" <>] One Perl Question: How to use LWP to go to a client certificate authenticated web server
Is there anybody who can help? --=-=-= Content-Type: message/rfc822 Content-Disposition: inline Message-ID: <> From: "Lee, Walter" <> To: "''" <> Subject: One Perl Question: How to use LWP to go to a client certificate authenticated web server Date: Tue, 4 Apr 2000 11:03:16 -0700 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Lines: 14 Xref: eik.g.aas....

Accessing Certificate "Issuer" and "Issued to" in mozilla using JS
Hi, How can i access the "Issuer" and "Issued to" of the selected digital certificate in JavaScript in firefox? For Internet Explorer, CAPICOM provides API to do this but for firefox i'm not able to. I've tried using window.crypto. Example Java Script code: try { result = window.crypto.signText("Something to sign","ask"); if(result == 'error:userCancel' || result == 'error:internalError' || result == 'error:noMatchingCert'){ // alert(" Result="+result+". Staying back. "); ...

Syntax of "use"/"require"
(This thread is referencing I'd like to start writing the Module::Build/ExtUtils::MakeMaker for Pugs. One of the first things that was mentioned was that the syntax for use needs to support specifying the exact version or range of versions you want to have. There has also been mention of the fact that module installation needs to tag the author, as well as other features. Would someone please mind listing all the functionality desired for module installation as seen from "use"? Thanks, Rob On 5/28/05, Rob Kinyon <ro...

PB11 .NET "smart client" PUBLISH ISSUE... "Error when transfering files."
Before I start I should state that I'm not the Microsoft server admin... I have gotten this to work as recently as two days ago, but then it mysteriously stops working without any reason. It pushes most of the files out to the server correctly, but I did notice thatthe "CONFIGURATION.XML" file is missing. The "Publish Application" takes a while before failing and eventually fails with the message... "Error when transferring files." PLEASE HELP. Here is a list of what it is able to put on the server... ../publish.htm ../setup.exe ../tes...

no "enable editing" "enable deleting" "enable updating"
In my visual studio 2005 beta1,there is no "enable editing", "enable deleting", "enable updating"options. why? is the vision wrong??thanks! Which control are you talking about?/Fredrik Normén - fredrikn @ twitterMicrosoft MVP, MCSD, MCAD, MCTASPInsidersMy Blog "gridview" control!! I have, so you should also have it if you create a data source for the GridView control in the design view and make sure you have specified the Insert and Update Command for the DataSource. You can also add a CommandField to the GridView columns <asp:CommandFi...

Proposal: Move "Mozilla Labs" from "" to "Client Software"
The "Other Applications" product, containing ChatZilla, DOM Inspector etc. is in the "Client Software" Classification. It seems to make sense to have the "Mozilla Labs" product (which contains Joey and Operator at the moment) in the same Classification, rather than the current "Client Support". Doesn't it? Gerv On Jun 15, 7:31 pm, Gervase Markham <> wrote: > The "Other Applications" product, containing ChatZilla, DOM Inspector > etc. is in the "Client Software" Classification. It seems to...

Using "+" or "||"
Using SQLAnywhere 5.5.04, I've gotten into the habit of using "||" in ISQL to indicate a string concatenation. I needed to paste my SQL statement into the PowerBuilder script painter for some embedded SQL, and PB didn't like the "||" very much at all. I changed it to "+" and it seems to be ok. Do these two operators indicate ~exactly~ the same thing? moin, afaik these two's are not the same! if you're using "||" and any term is NULL then in the resultstring the term will be ignored if you use "+" then the resu...

"Using" or "With"
Hi all Please can someone enlighten to me as regards the difference with the "Using" and "With" statement when accessing data - which is better, what are the limitations and/or any pointers. Many thanks. Regards DaveDavid WinchesterPlease mark as answer if this is the solution.  using gives you the ability to use the connection and it closes the connection directlly after you finish using it. and there is no need to try- cach - finaly. there is no limitation on using USING keywordMuhanad YOUNISMCSD.NETMy Blog || My Photos || LinkedIn I have a dataobject the re...

Use "Hello World Using Client Script" in UserControl
HiI want to create a user control for dynamic date entering, and I'm trying to use the same approach as in the example:  <form runat="server"> <div> Search for <input id="SearchKey" type="text" /> <input id="SearchButton" type="button" value="Search" onclick="DoSearch()" /> </div> </form> <hr style="width: 300px" /> <div> <span id="Results"></span> </div> <script type="text/jav...

Certificate status = "Invalid: Certificate Expired"
OES2SP2 (linux) When open this page: https://myserver:8030/_LOGIN_SERVER_ I have attantion from IE: "CErtificate Error" When in the IE view information about Certificate i see: The certificate is produced for "" The certificate is produced "Organizational CA" It is valid from 15 Nov 2008 to 15 Nov 2010 In the iManager | "Directory Administration" | "Modify Object" for "SSL CertificateIP" i see: Certificate status = "Invalid: Certificate Expired" How to update the certificate (to prolong pe...

Filters and no "thin clients" (no REST clients?)
Hi All, The documentations says, in the additional nodes that "The data encryption is not available with thin clients." Is that entirely correct? What is a thin-client in that respect? A JavaScript client? A PHP Client? I think the correct term should be "REST Client" - I can build a REST client in Delphi code and add all kinds of stuff to this client so it's not really a "thin" client, but still using REST and hence unable to use the filters (as far as I can see now, since the DSRestConnection has no Filters property, while the SQLConnecti...

C#.Net "Double" and "double" When/Where to use?
Hi all     Please let me know the difference between "Double" and "double" in c#.Net (I understand that "Double" is structure      and "double" is an instance to that structure) differences if any thing else.     Also the context in which both has been used.(When/Where to use both). thanks all...      hi,my brains says Double is reference type & double is value type.regards,satishKind Attn: If a reply to your post helped you, kindly mark it as Answered.__________...

OutPutCache: Location="Client" or Location="Server"
Hi people. I searched information about the difference Client or Server, but I don't find help. Someone know the difference, from point of perfonmance?MCP Sergio Tarrillo Check this .....;en-us;323290 CheersCan't keep my eyes from the circling skies,tongue tied and twisted ..just an earth-bound misfit I. Here, they show how used Location. But I want knew the difference, and which have more perfomance.MCP Sergio Tarrillo The difference is simple do you want the Html version of the Page cached on the Browser or on the server it...

Web resources about - Using client certificates: "Require client certificates" is enabled on IIS -

Resources last updated: 11/27/2015 11:29:18 PM