views:

135

answers:

1

I want to make a registration page for clients, that would only contain a button register and unregister. When the user would click on any of these 2 button he would should be prompted to select a client certificate from his computer. I would also like to extract the email address from the selected certificate.

Is there any way of declaratively configuring IIS 7 to require a client certificate for just 1 .aspx page on the website. I could then extract the certificate from Request.ClientCertificate, right?

+1  A: 

A client certificate is sent by the browser in the HTTPS case only. So you first need to install a server certificate on your Web server in order to have HTTPS working.

Then, I don't think that you can force the use of SSL and the client certificate on a single page, but you can create a subdirectory of your site, where you enable SSL and require a client certificate. Then you put only your special registration page in this subdirectory and link to it from your register button.

The rest of your site can be in anonymous HTTP.

Timores