'IIS Filter Client Certificate by Issuer or Keyword

I am working on a local web application in which I have set sslFlags to SslRequireCert in the IIS config file, which asks for the client certificates for authentication.

The web browser shows a list of available certificates (refer to the attached image). Is there a way where I can filter the certificate based on the issuer or identity keyword? The problem statement is that I do not want the website to list all the certificates but limit it to only the relevant certificates which the user can select.

Please help me out!

Refer to Image

authenticationssliisssl-certificateclient


Solution 1:[1]

You can use IIS Client Certificate Mapping Authentication to filter certificates. Follow this microsoft official documentation on how to do it: click here

Here's how to configure client certificate mapping authentication in the IIS interface.(Default web site as an example)

1.Go to Default Web Site ? Configuration Editor image1

2.Select section: system.webServer/security/authentication/iisClientCertificateMappingAuthentication image2

3.Change Enable to True and click the "..." button of manyToOneMappings to add a many-to-one rule. image3

4.Click Add and fill in the properties. image4

5.After the configuration is complete, close the window, you will see that the count of manyToOneMappings becomes 1, and then click Apply to save the configuration. image5

You can refer to this answer: Configure IIS to accept or filter user certificate by specific issuer

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1

Related Questions

Problem with configuring ssl certificates in asp .net core API

Problem with configuring ssl certificates in asp .net core API

Server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none

Turn off or bypass SSL Certificate Verification in Swift iOS

ActiveMQ over SSL: "acceptInvalidBrokerCert=true" not working

Install SSL certificates in my AWS canary puppeteer script

Getting this error while installing DFX on my mac "curl: (60) SSL certificate problem: certificate has expired"

How to install a custom certificate in Symfony server?

ssl ,urllib3,requests .exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:548)

How to fix javax.net.ssl.SSLHandshakeException even though i have already added the certificate

Renew kubernetes pki after expired

Error: unable to verify the first certificate in nodejs

How does wildcard ssl certificate match domains

How to create a self signed cerficate using command prompt?

SSLHandshakeException in Eclipse Temurin JRE8 Alpine container for self-signed certificate