Which certificate to use to connect to a secured IIS7 website ?

Question

I have binded my IIS7 with a third party 'Server certificate' (Not issued by my server). I have deployed a secured WCF service on this server with Transport security.
When i try to consume this service, it only accepts those client certificates which are issued by my server (made using makecert). The third party client certificates just don't work here.

To my knowledge it should accept them as they are issued by the same CA!!

Any idea on how to make it work?

Answer 1

Seeing your configuration would help, anyway it seems that the WCF service (not IIS itself) is not configured to use your third party certificate, thus requesting your clients to have a client-side certificate issued by your server.

Take a look at this guide, it helped me a lot when I had to deal with this:

http://blogs.msdn.com/b/imayak/archive/2008/09/12/wcf-2-way-ssl-security-using-certificates.aspx