I want a site that requires ssl, with
/mysite/ssl requiring ssl only
/mysite/certs requiring ssl AND client certs.
That is, I want to be able to surf to https://myserver/mysite/ssl without a
cert, but not to be able to get to https://myserver/mysite/certs unless I
have a client cert installed.
I can configure IIS to require client certs for the entire site. That's
easy enough.
Assuming a site root at C:\inetpub\mysite, on the HTTP server, I created
C:\inetpub\mysite\certs
(which of course is not really where the site is--that's on the apps server
where the srun statement in resin.conf points). In IIS Manager, I required
client certs for
C:\inetpub\mysite\certs.
However, I can still surf to https://myserver/mysite/certs without a cert.
As I understand it, srun.dll reconfigures the URI so that when I try to
access https://myserver/mysite/certs, what IIS actually sees is
https://myserver/scripts/srun.dll/mysite/certs. So I created
C:\inetpub\scripts\mysite\certs
and told IIS Manager to require client certs for THAT directory. Still no
go.
Has anyone been successful with an IIS site where certs are required but
only for part of the site?
As always seems to be the case, my need is urgent.
Thanks,
Peter Buck
Received on Sun 15 Sep 2002 10:11:48 -0700
This archive was generated by hypermail 2.1.8 : Thu Sep 28 2006 - 20:17:14 PDT