Is there a way to determine if the certificate had a pin/password entered
prior to submitting it to a site? That is, can I tell from the server side
if the certificate is from a smart card with a pin or a soft certificate
with a password?
Thanks,
Mark
"Mark Pfeifer"
news:u4nsAvC4HHA.536@TK2MSFTNGP06.phx.gbl...
> Is there a way to determine if the certificate had a pin/password entered
> prior to submitting it to a site? That is, can I tell from the server
> side if the certificate is from a smart card with a pin or a soft
> certificate with a password?
Without running some code on the client - in a nutshell - no. IIS only sees
what's sent in the HTTP header.
Cheers
Ken
--
My IIS Blog: www.adOpenStatic.com/cs/blogs/ken
Hi Mark,
Just as Ken stated, at IIS server side we can only ensure the following two
points of a client certificate:
1. The client certificate is valid and has a corresponding private key for
authentication.
2. Create a Certificate Trust List(CTL) to verify if the client certificate
is issued by a Certification Authority(CA) which is recognized and trusted.
If not, deny the client access.
There is indeed no standard approach at web server side to determine if a
client certificate is from smartcard or requires password.
Please update here if you have more concern on this issue.
Thanks and have a nice weekend.
Sincerely,
WenJun Zhang
Microsoft Online Community Support
==================================================
Get notification to my posts through email? Please refer to:
http://msdn.microsoft.com/subscriptions/managednewsgroups/de fault.aspx#notif
ications.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at:
http://msdn.microsoft.com/subscriptions/support/default.aspx .
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.