An internal team, separate from mine, said it prefers to do inbound authentication based on client certificates. Which sounds good to me, except that I still havenโt met them and am not quite sure where to start the research (Wikipedia has told me in detail that Iโm not sure what I need to find out). If I have an IIS6 server with a web application running under an AD user account, what steps should I take to ultimately disconnect the request from this web application on a remote server via .NET (I assume HttpWebRequest)? I see that we have an internal trusted certification authority and thatโs it. The remote server is running Apache on Linux.
I am essentially in training mode, not necessarily looking for a list of successful things about what should happen (although if I could find out how it works, finding out how to do it, this is also good :)) Do you have Any resources that I could start looking for to figure out how to successfully authenticate through SSL using this remote server and contact it through client certificates? Probably from creating a client certificate, although I would like to more fully understand how it all works in the first place.
Chris source
share