IIS cannot verify my client certificate

I've tried setting up SSL for localhost serving my azure web role.

I did what I created my own CA, created a client and server certificate, and then installed them all in the certificate store. The server certificate is located in the personal certificates of the local computer, the client certificate is installed in the current user store under the personal store, and the CA certificate is installed in the trusted root certificates in both stores.

I also configured my IIS website to use SSL and used netsh to bind the server certificate to the ip the site is running on.

However, when I try to access my site through IIS, I get the error:

HTTP Error 403.16 - Forbidden

Your client certificate is either not trusted or is invalid.

      

I know the certificates I am using are being signed out by the same CA, so I really can't see any other reason other than that IIS probably can't access my trusted root store. When I deploy my solution to azure it works without giving me this error, so I'm pretty sure there is a configuration issue with local IIS that I cannot handle.

Any suggestions on what might be the problem here?

+3
ssl http-status-code-403 iis-8 localhost


source to share


No one has answered this question yet

See similar questions:

12
IIS 8.5 - Mutual Certificate Authentication failed with error 403.16

or similar:

1146
How to create a self-signed certificate with OpenSSL
1058
Getting Chrome to accept self-signed local certificate
383
Trust all certificates using HttpClient over HTTPS
381
Solution javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed Error?
304
pip install with connection error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate failed (_ssl.c: 598) "
fourteen
HTTP Error 403.16 - Client Certificate Trust Issue
12
IIS 8.5 - Mutual Certificate Authentication failed with error 403.16
3
Installing Certificates in Trusted Root Store in Azure Web Applications
0
IIS Client Server Trust Authentication Certificate
0
Using a self-signed client certificate in development



All Articles
Loading...
X
Show
Funny
Dev
Pics