O'Reilly logo

Windows Server® 2008 PKI and Certificate Security by Brian Komar

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Performing Certificate-Based Authentication

IIS can use AD DS as its mapping directory. As mentioned earlier, the advantage of using AD DS is that the mapping is available on multiple Web servers (as long as they are members of the forest) and can be used by applications other than Web browsers.

The following steps enable IIS to use Active Directory mapping:

  1. Create a certificate template for user authentication.

  2. Define the mappings in AD DS.

  3. Enable IIS to use certificate mapping.

  4. Enable the directory service mapper.

Creating a Certificate Template

The first step in setting up a certificate mapping in AD DS is to design a certificate template that allows a user to authenticate in a Web browser. The user certificate must meet the following requirements: ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required