Friday, 9 January 2015

Types of Certificates required for implementing certificate based communication in dotnet , webapi ,IIS


There are three types of certificates required for implementing certificate based authentication



     Certificate authority (CA) or provider:
·         It will installed in trusted root of both client as well as server


     Server certificate:
·         It should be from same CA as given in point one.
·         It should have public and private key.
·         It will be used on server side.



     Client certificate:
·         It should be from same CA as given in point one.
·         It should have public key.
·         It will be used on client side.



Also, Set Certificate Access Permissions for IIS On server for reading private keys using below steps: 
·         Type MMC in Run, It will open “ConsoleRoot”
·         Go to File menu option and select “Add remove snap in”
·         Select Certificates, click “Add”, select “My Computer” and click  “Finish”. This will open “Services” window.

·         Import Certificate authority certificate in Trusted Root Certification/Certificates using Services.