Client Certificate without Active Directory
-
Hi For a web application that can be used by several customers, one of our customers want, that their users can access the application only from some defined computers. For that we wanted provide to access points to the application: one normal access and one access that requests a client certificate. In the database is a field with a windows username for every customer. If the user accesses the application through the client certificate access the mapped user must be matching the username in the database. The whole application has to be of course secured by SSL and should use a trusted certificate (from verisign or some other trust center). I have been told that, to create Client Certificates on this computer the active directory has to be installed. But I want to avoid to install AD on a Computer that is connected to the internet. Do you have some expirience with Client Certificates and can you acknowledge or disprove the the information about the needed Active Directory? Thank you very much! Greets Roland
Hi! I'm a signature virus. Copy me into your sig file and help me spread!
-
Hi For a web application that can be used by several customers, one of our customers want, that their users can access the application only from some defined computers. For that we wanted provide to access points to the application: one normal access and one access that requests a client certificate. In the database is a field with a windows username for every customer. If the user accesses the application through the client certificate access the mapped user must be matching the username in the database. The whole application has to be of course secured by SSL and should use a trusted certificate (from verisign or some other trust center). I have been told that, to create Client Certificates on this computer the active directory has to be installed. But I want to avoid to install AD on a Computer that is connected to the internet. Do you have some expirience with Client Certificates and can you acknowledge or disprove the the information about the needed Active Directory? Thank you very much! Greets Roland
Hi! I'm a signature virus. Copy me into your sig file and help me spread!
Certificate Services can be installed without AD. This service can create client certificates. You can install an Enterprise CA (needs AD) or an Standalone CA (doesn't need AD). You can install the service from Add/Remove Programs > Add/Remove Windows Components. Sojournist AT undernetwork DOT com