Hi Can anyone give me a solution how to import server certificate into a keystore to validate the request is coming from valid client.
您好任何人都可以给我一个解决方案如何将服务器证书导入密钥库以验证请求来自有效的客户端。
I have gone through this article but having few questions.
我已经阅读了这篇文章,但几乎没有问题。
1) How will my server validate the client certificate ?
1)我的服务器如何验证客户端证书?
2) Will this(X509Certificate) .net class validate Genie(Tivoli) certificate ?
2)这个(X509Certificate).net类是否会验证Genie(Tivoli)证书?
3) Do i need to have certificate configured on my server ?
3)我是否需要在我的服务器上配置证书?
Thanks in advance
提前致谢
1 个解决方案
#1
0
If you would like to know how IIS verifies client certificates, you might read carefully this KB 907274 for your 1) and 3)
如果您想知道IIS如何验证客户端证书,您可能会仔细阅读此KB 907274 1)和3)
https://support.microsoft.com/en-us/kb/907274
For an ASP.NET site, it has no chance to verify the certificate as the verification is done at IIS level (http.sys generally). Thus, X509Certificate class is less relevant, unless you want to further check the verified client certificate for more info. This is for 2).
对于ASP.NET站点,它无法验证证书,因为验证是在IIS级别完成的(通常是http.sys)。因此,X509Certificate类不太相关,除非您想进一步检查已验证的客户端证书以获取更多信息。这是2)。
#1
0
If you would like to know how IIS verifies client certificates, you might read carefully this KB 907274 for your 1) and 3)
如果您想知道IIS如何验证客户端证书,您可能会仔细阅读此KB 907274 1)和3)
https://support.microsoft.com/en-us/kb/907274
For an ASP.NET site, it has no chance to verify the certificate as the verification is done at IIS level (http.sys generally). Thus, X509Certificate class is less relevant, unless you want to further check the verified client certificate for more info. This is for 2).
对于ASP.NET站点,它无法验证证书,因为验证是在IIS级别完成的(通常是http.sys)。因此,X509Certificate类不太相关,除非您想进一步检查已验证的客户端证书以获取更多信息。这是2)。