Enabling Client Authentication

Enabling Client Certificate Authentication on IIS 5.x+ web server

To enable Client Certificate Authentication on IIS 5.x+ you will need to obtain Certification Authority [CA] Certificates, your own Digi-Access™ Client Certificate and setup a local user (or Active Directory Domain) account on a Windows Server that the IIS 5.x+ web server is installed and running on.

2.1 Obtaining and installing the Digi-Access™ Certification Authority Certificates

    To obtain the Digi-Access™ Root Certification Authority Certificate, use the following URL:

    Digi-Sign Root CA

To obtain the Digi-Access™ Intermediate Certification Authority Certificate, use the following URL:

Digi-Sign CA Digi-Access Xs

Once you save these Certificates to the desktop (or another directory on the hard drive) of the web server machine, then:

To install the Digi-Sign_Root_CA.cer Certificate file:

IMAGE


    - Right click the Trusted Root Certification Authorities, select All Tasks, and then select Import.

    IMAGE



    - Click Next.

    IMAGE


    - Locate the Digi-Sign_Root_CA.cer Certificate file and click Next.

    - When the wizard is completed, click Finish.

To install the Digi-Sign_CA_Digi-Access_Xs.cer:

IMAGE


    - Right click the Intermediate Certification Authorities, select All Tasks, and then select Import.

    - Complete the import wizard again, but this time locating the Digi-Sign_CA_Digi-Access_Xs.cer when prompted for the Certificate file.

    - Ensure that the Digi-Sign_Root_CA.cer certificate appears under Trusted Root Certification Authorities.

    - Ensure that the Digi-Sign_CA_Digi-Access_Xs.cer appears under Intermediate Certification Authorities.


Important: You must now restart the IISAdmin service or reboot the computer to complete the installation.

2.2 Preparing IIS 5.x+ for Digi-Access™ Client Certificate Authentication

To prepare IIS 5.x+ for Digi-Access™ Client Certificate Authentication:

Go to Windows Administrative Tools.

Your IIS 5.x+ web server is now ready to start working with Digi-Access™ Client Certificate Authentication.