I have an ASP.NET application that is supposed to read the cert on a client CAC.
My environment: Visual Studio 2012, IIS Express
In IIS Express, I'm running two separate sites for the client and server. Authentication takes place on the server.
My server and client projects have the following properties in VS:
- Anonymous Authentication = Enabled
- SSL Enabled = True
- Windows Authentication = Disabled
- Managed Pipeline Mode = Integrated
In the Web.config files of both sites, the other site is referenced via
https://localhost:<port>
In the server's code, there is a line:
string mycert = HttpContext.Request.ClientCertificate.Subject;
That is supposed to request the client's certificate from the CAC card. This is where I'm having trouble, since there is no value (either empty or zero) for all the fields I think relate to the Client Certificate.
Q_1: How can I read the client's CAC cert so that I can authenticate on the server?
Q_2: Is there something in the web.config file I need to change?
Q_2B: I've seen something about oneToOneMapping. Could that be the problem?
Q_3: Am I far off on this? If so, please advise.
Thanks!
I don't know if this helps or not, but in IIS integrated mode HttpContext is not populated until after the HttpApplication.Start event is complete. If you have your offending code too early in the application lifecycle, these values won't exist.
This makes sense if you think about it because you wouldn't want the whole application to be initialized under a specific user's context. So to access your certificate, you need to do it from a specific page or HttpHandler.
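
The approach this answer describes, as an added example that is not part of the original question or answer: an IHttpHandler that reads the client certificate while a request is being processed and refuses the request when no certificate reached the application. The class name ClientCertHandler, the 403 responses and the plain-text output are assumptions for illustration.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using System.Web;

// Hypothetical handler name (assumption); map it to a path or use it as an .ashx code-behind.
public class ClientCertHandler : IHttpHandler
{
    public bool IsReusable { get { return true; } }

    public void ProcessRequest(HttpContext context)
    {
        // Request-scoped data: read it here, during a request, not during application start-up.
        HttpClientCertificate cert = context.Request.ClientCertificate;

        // IsPresent is false when no certificate accompanied this request.
        // Subject, Issuer and the other fields are empty in that case, so check this first.
        if (!cert.IsPresent)
        {
            Deny(context, "No client certificate was presented.");
            return;
        }

        // Reject certificates the server flags as invalid or that are outside their validity window.
        DateTime now = DateTime.Now;
        if (!cert.IsValid || now < cert.ValidFrom || now > cert.ValidUntil)
        {
            Deny(context, "Client certificate is not valid.");
            return;
        }

        // Certificate holds the raw encoded bytes; X509Certificate2 gives typed access to them.
        var x509 = new X509Certificate2(cert.Certificate);

        context.Response.ContentType = "text/plain";
        context.Response.Write("Subject:    " + x509.Subject + "\n");
        context.Response.Write("Issuer:     " + x509.Issuer + "\n");
        context.Response.Write("Thumbprint: " + x509.Thumbprint + "\n");
    }

    private static void Deny(HttpContext context, string reason)
    {
        context.Response.StatusCode = 403;
        context.Response.ContentType = "text/plain";
        context.Response.Write(reason);
    }
}
```

Reading the subject proves only that a certificate was presented; deciding which account it maps to is a separate authorization step that this example does not cover.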