Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Install the role service under IIS
At the Server level - enable DS mapping under authentication:
Create the web site.
Enable it for HTTPS ( bindings )
Set the site to require certs under: 
Enable the site :
C:\Windows\SysWOW64\inetsrv>appcmd unlock config /section:clientCertificateMappingAuthentication
Unlocked section "system.webServer/security/authentication/clientCertificateMappingAuthentication"
at configuration path "MACHINE/WEBROOT/APPHOST".
C:\Windows\SysWOW64\inetsrv>appcmd set config "CertAuthWebSite" -section:clientCertificateMappingAuthentication /enabled:true
Applied configuration changes to section "system.webServer/security/authentication/clientCertificateMappingAuthentication"
for "MACHINE/WEBROOT/APPHOST/CertAuthWebSite" at configuration commit path "MACHINE/WEBROOT/APPHOST/CertAuthWebSite"
Do a reset for good measure ( at least I do )
C:\Windows\SysWOW64\inetsrv>iisreset /noforce
Attempting stop...
Internet services successfully stopped
Attempting start...
Internet services successfully restarted
Comments
- Anonymous
August 06, 2013
How do I do this in powershell? Should this work? Set-WebConfiguration -Location "$websiteName/Citrix/$webApplicationName" -Filter "system.webServer/security/authentication/clientCertificateMappingAuthentication" -Value "True"