views:

33

answers:

0

Hi all,

we have enabled "Require Client Certificate" in IIS 6 for a webpage. When we do a request with a revoked certificate we normally get a 403.13 from IIS that blocks the call before the asp.net runtime is called. Sometimes however the IIS passes through the client but asp.net gives an 403.13 error.

Does anyone know the difference between the certificate checking in asp.net and IIS and when this mismatch can occur?

greetings, Tim