I am working on getting an iPad to auth to an IIS7.5 website using a local certificate mapped to a user in AD.
I am not, in any sense of the word, an IIS admin.
I essentially need to setup a proof of concept. I believe that this may work, but I just have no idea how to do it.
What I have so far is an iPad with a user certificate installed. I have this user certificate added the correlating user account in AD.
What I would like is a basic text webpage to load showing the user that it is authenticating. I would like this page to not be viewable unless it is client certificate authenticated.
I don't mind doing the legwork, but I really don't know where to begin on the IIS side.
Can anyone point me in the right direction?
I would put this as a commment, but I dont have enough reputation D:
First you need an asp.net website with certificate authentication, you don't need to worry about the iPad part at this point, just get the website running on localhost, most of the configuration is done on the web.config(at least it is for a web service, my experience with certificate authentication is only in WCF, but I assume asp.net should be the same way).
After that I would try to connect to the site with different browsers using different certificates, to check if everything works correctly.
And finally after it's working on your desktop you should try your site on the iPad. With this part I have no idea how it works exactly(i don't own any iDevices), but if it's like a desktop browser, you should be able to choose the certificate when you try to access the website.
Let me know if this made any sense to you lol
Go to IIS manager, select your server, select authentication, ensure Active Directory Client Certificate Authentication is enabled.
Then go to your website, select SSL settings, select require SSL, and select "Require" under Client Certificates.
That should be all if you've already set everything up in AD (which you seem to have, according to your question).