Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PKI client certificates Issue

Status
Not open for further replies.

lightningtechie2011

IS-IT--Management
Aug 30, 2011
1
GB
Hello, We use client certificate authentication. Client certs are issued by an intermediate CA. When visiting the client cert secured website, the only certs offerred by the browser are those which are issued from a root CA. The intermediate CA cert is installed on the web server. If we install the intermediate cert on the client, the browser then offers the client cert. Is this correct behavior and if so why??, as I was expecting the client to offer the client cert issued by the intermediate CA as the web server has both root and intermeidate certs installed Many thanks
 
Your message is a bit confusing...long story short, your clients have to trust your CAs. If you have an enterprise root CA then AD should take care of this for you. If you don't have an enterprise CA then you would need to do something to install the CAs cert in the trusted certificate store on your client machine. Is that what you're talking about?

________________________________________
CompTIA A+, Network+, Server+, Security+
MCTS:Windows 7
MCSE:Security 2003
MCITP:Server Administrator
MCITP:Enterprise Administrator
MCITP:Virtualization Administrator 2008 R2
Certified Quest vWorkspace Administrator
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top