8

In a web application, I have a WCF service uses Client Certificate authentication. I checked "Accept Client Certificate" in IIS - SSL Settings and it works fine. But some times, in some browsers, if a certificate is installed on the client machine, the browser is prompting a message to choose the certificate it wants to provide to the server which is not a desired behavior since only the web service needs the certificate - not the web application!.

How can I handle it without creating an independent web project for the web service on IIS?

Improve this question
6
  • You should be able to set the SSL settings Accept Client Certificate on folder or file basis. So just put it on the files/folders that make up your service. Commented Feb 13, 2015 at 8:40
  • @PeterHahndorf, I have already set it to Accept Certificate, but it is acting like it is requiring certificate! which is not desired. Commented Feb 13, 2015 at 9:21
  • If set to accept, the server will tell the client that it supports client certificates. If the browser knows about at least one client cert, it shows the selection box to the user. My point was that you should set Accept Client Certificate only on the service files which are not directly accessed by the user. Commented Feb 13, 2015 at 9:53
  • So, it is on the file / folder level. Not on the application level. Right? Commented Feb 13, 2015 at 12:34
  • 1
    Yes, if only the services files are marked as Accept Client Certificate then the browsers will never know about it, except if you are using JavaScript on your pages to call the service. Commented Feb 13, 2015 at 14:00

1 Answer 1

Reset to default
2

From the comments it turned out, your service consisted of a few specific files, but you set the Accept Client Certificate setting for the whole application.

Use the settings on just the files (or folder) for your service, not on the application level.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.