Dr S N Henson wrote: > > Brandon Amundson wrote: > > > > I am trying to sign a server cert from IIS 5.0 with my CA (openssl) that > > runs on my linux webserver. > > > > I have successfully signed the cert and move it back into IIS but when I go > > to access the site, the certificate dialog > > > > box pops up but there are no available certificates. I would like to use > > pre-existing user certificates that I have issued > > > > for my other site because I am going to be letting the same people have > > access to the new site. Does anyone know if this is > > > > possible and what I am not doing correctly, (besides using MS)? I heard > > something about the v3 extensions being a possible > > > > cause. Any thoughts? > > > > The FAQ gives the reason for this and some more info. What it doesn't > say is how to add your CA to the trusted list of IIS. IIRC you can do > this via the certificate import wizard, something like clicking on the > "show physical stores" box and trusted root->local computer. You may > have to the reboot. You can check using s_client to see if your CA is > then sent (see FAQ). > > Steve. > -- ... your support is definitely wonderful... Now I can use the client-authentication under IIS5 ... thanks. The strange thing is that now in IIS5 there is an interface to the TRUSTED-CA-LIST, but seems to be unused, or better used in combination to the importing in the "trusted root->local computer" store. Obviously this is undocumented in the ms-site.
Thanks. -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) Member of the Internet Society http://www.di.unito.it/~rabser Tel. +39-0116706701 Fax. +39-011751603 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
