"HIKO" <ayamano74@hotmail.com> wrote in message
news:d10edfb2.0501310515.3e40127d@posting.google.com...
> Hi
>
> I set up private CA(certificate authority) and
> trying to test SSL(server-side and client-side also) now.
> -----------------------------
> <Problem>
> Now server-side certification worked already,
> but client-side certification can not work well.
> Normally when access client-side certification site,
> pop up window will be displayed and ask
> the user which certification want to choice,
> but I can not see any certifications installed
> in the client machine. It is just a blank list box.
> Can not choice any client-side certifications here.
> -----------------------------
> <Machines>
> CA server:Win2000serverSP4<Eng>
> IIS:XPproSP2<Eng>
> Client:Win2000proSP4<Jpn>
> *Every machine are set up inside same LAN.
> -----------------------------
> <Checked already>
> 1:The CA is registered as trusted CA to IE(Client).
> 2:The CA is registered as trusted CA to IIS.
> 3:Server-side certification worked fine.
> 4:The client machine was installed client-side certification fine
> (can see in IE as a registered cerver-side certification).
> 5:The certifications are valid.
> 6:CA is valid.
> 7:Port mapping is fine(443).
> 8:Didn't use account mapping for client-side certification.
>
> Kindly give me advice.
>
> Best regards
>
> Hiko

"Hiko Hiko" <ayamano74@hotmail.com> wrote in message
news:ud7ec08BFHA.3504@TK2MSFTNGP12.phx.gbl...
> Hi Mike
>
> Thank you for your reply.
>
> Yes, I can see the certification in
> Tools -> Internet Options -> Content ->
> Certificates -> Personal.
> I installed some certifications,
> all certifications are listed here as
> client-side certification.
> And certification's status are valid
> (not expired), each.
>
> And in trusted CA also I can see the CA I set up.
>
> Plus, there was 1 wrong information.
> I use WinXPproSp1 as IIS machine.not SP2.
> Sorry.
>
> Best regards
>
> Hiko
>
>
> *** Sent via Developersdex http://www.developersdex.com ***
> Don't just participate in USENET...get rewarded for it!

"Hiko Hiko" <ayamano74@hotmail.com> wrote in message
news:OdPaHIFCFHA.2568@TK2MSFTNGP10.phx.gbl...
> Hi Mike
>
> Ok,
> the purpose is
> "Personal your identity to a remote computer".
> And I click "Advanced..",
> can see the check box "Client Authentication" is checked as default.
> *"Server Authentication" check box also checked as default.
>
> I tried Win2000proSP4 client, and other three WinXPproSp1 clients also,
> but on every machines it was result.
> Maybe I do same mistake on every machines.
> Or on server I do serious mistake.
>
> <Information of certificates registered in IE>
> 1:Personal : Can see a valid entry(Client-side
> certification).
> 2:OtherPeople : No entry
> 3:Intermediate Certification Authorities : Can see some
> entries.
> 4:Trusted Root Certification Authorities : Can see some
> entries. And can see the CA I set up here.
> 5:Trusted Publisher:No entry
>
> <IIS setting Information>
> 1:I choice gDefault Web Siteh apply server-side
> certification. And approved by CA,
> and adjusted it.
> 2:Enable grequire secure channel(not checked
> 128-bit encryption)h.
> 3:Selected gRequire client certificatesh.
> 4:Disable gEnable client certificate mappingh
> 5:Enable gEnable certificate trust listh
> 6:Can see the CA I set up in gCertificate trust
> List (selected as Current CTL)h.
>
> Thanks and best regards
>
> Hiko
>
>
>
> *** Sent via Developersdex http://www.developersdex.com ***
> Don't just participate in USENET...get rewarded for it!