How to prevent browser from prompting for a client certificate and allow the IIS to accept it (not require it)?
From the comments it turned out, your service consisted of a few specific files, but you set the Accept Client Certificate
setting for the whole application.
Use the settings on just the files (or folder) for your service, not on the application level.
Related videos on Youtube
Comments
-
Homam over 1 year
In a web application, I have a WCF service uses Client Certificate authentication. I checked "Accept Client Certificate" in IIS - SSL Settings and it works fine. But some times, in some browsers, if a certificate is installed on the client machine, the browser is prompting a message to choose the certificate it wants to provide to the server which is not a desired behavior since only the web service needs the certificate - not the web application!.
How can I handle it without creating an independent web project for the web service on IIS?
-
Peter Hahndorf over 9 yearsYou should be able to set the SSL settings
Accept Client Certificate
on folder or file basis. So just put it on the files/folders that make up your service. -
Homam over 9 years@PeterHahndorf, I have already set it to Accept Certificate, but it is acting like it is requiring certificate! which is not desired.
-
Peter Hahndorf over 9 yearsIf set to accept, the server will tell the client that it supports client certificates. If the browser knows about at least one client cert, it shows the selection box to the user. My point was that you should set
Accept Client Certificate
only on the service files which are not directly accessed by the user. -
Homam over 9 yearsSo, it is on the file / folder level. Not on the application level. Right?
-
Homam over 9 yearsWell, no, no javascript call to the web service. Please add your comment as an answer to check it :)
-