> From: zheng xiangyang
>
> I have setup a ca using openssl 0.9.4. I issued client certificate to the
IE5.0 and server Certificate to IIS4.0 with NT Service Pack5.0. The SSL
connection can be established if no client certificate is required by the
server. But if I configure the server to require client certificate,
whenever the client connects to the server the client a dialog pops up
asking me to choose a client, but the available client certificate list is
empty.
> I suppose this is due to the server and client don't have common trusted
CA. I know that before sp3, IISCA.exe can transfer trusted CAs to IIS. I
tried with no good. Can somebody told me how can I do the job?
> Thanks in advance.
Hi,
using SP4 / SP5:
IIS stores its trusted roots in the local machine 'Trusted Root
Certification Authorities' certificates store.
1. Open Internet Explorer 4 / 5.
2. Browse to the root certifying authority certificate that you want
to add.
3. Select Open this file from its current location, and then click OK.
4. Click Install certificate.
5. After the Certificate Manager Import wizard has started, click Next.
6. Select Place all certificates into the following store.
7. Click Browse, and then click Show physical stores.
8. Expand Trusted Root Certification Authorities, select Local Computer,
and then click OK.
9. Click Next, and then click Finish.
10. *Restart* your server.
Regards,
Miguel Angel
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
